Showing posts sorted by date for query Europe. Sort by relevance Show all posts
Showing posts sorted by date for query Europe. Sort by relevance Show all posts

Chinese Hackers Eavesdropping European Diplomats Before G20 Summit

Posted by Avik Sarkar On 12/13/2013 01:23:00 am

Researchers At FireEye Found -Chinese Hackers Snitching  Europeans Before G20 Summit 
Story of cyber espionage by Chinese hackers used to remain one of most highest pick of breakneck. Yet again another breathtaking issue of  eavesdropping by Chinese hackers get spot light, when  California-based renounced computer security firm FireEye Inc have figured out that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis. From the detailed analysis we came to know that the hackers have infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as "US_military_options_in_Syria," which sells virus fighting technology to companies. Whenever the targeted recipients opened those documents, they loaded malicious code on to their personal computers. Researchers of FireEye said that they were able to monitor the "inner workings" of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems for about a week in the late August. But suddenly they lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia
Though the company has declined in open press to identify the nations whose ministries were hacked, although it said they were all members of the European Union. But FireEye informed the FBI about the whole issue in details. FireEye also confirmed that the hackers where from China, but they did not find evidence which may link those hackers to the Chinese government. Not surprisingly and obviously like earlier the Chinese government has distanced itself from any claim that it might have hacked foreign governments for data. FireEye also successfully monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain. The researchers had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group "Ke3chang," after the name of one of the files it uses in one of its pieces of malicious software"The theme of the attacks was U.S. military intervention in Syria," said FireEye researcher Nart Villeneuv. 
On reaction Chinese Foreign Ministry spokesman Hong Lei said- "U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible," 
While talking in this story of Chinese eavesdropping, I also want to dig some points from decent parts where we all became very habituated of seeing Europe & U.S. countries blaming China for engaging cyber attacks; and China also do the same for accusing U.S. like vice versa. I am reviving your memories of last few years where If you look at the story of major cyber attacks of this year we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York TimesTwitterNBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of CommerceSatellite System of U.SNortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor MitsubishiJapan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible.  

Before I conclude, I request you to closely look at the above mentioned stories, you will find China majorly responsible for eavesdropping & security breach. On the same side China also been effected by the same way. So in conclusion, we cant put a full stop in this chain of cyber attacks, hackingeavesdropping, as it comes from both end. So this exciting episode will be continued like it does. If you want to stay updated then don't forget to stay tuned with VOGH



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Australia Joined 38 Other Nations as Part of an International Cybercrime Treaty

Posted by Avik Sarkar On 3/09/2013 03:55:00 am

Australia Joined 38 Other Nations as Part of an International Cybercrime Treaty

Sitting at the edge of the latest technology, today we can easily separate our world into two parts. One is the real world where we live and another is the virtual or cyber world, in which we all are tightly attached. As these two fields are the prime factor where we have to stay happily so the matter of safety, security is highly required on the both said areas. Being one of the leading cyber media, our main concern is the cyber domain,  so we are worried as well are responsible and committed to server our readers. In this period of time many of us feel terrified to engage themselves in the cyber space due to lack of security and privacy, and also keeping in mind the major disaster done by cyber criminals. But how long? To get rid of that not only we the media people but also the sincere government of several countries make themselves committed to prepare a safe cyber world for the people. Earlier we have seen several developed countries came under a shade, in order to make an united shield to protect this cyber domain and its people. Today that shield got a new member. Yes it is Australia who has now formally joined 38 other nations as a party to the world's first international treaty on crimes committed via the internet. This deceleration came from the Attorney-General Mark Dreyfus. In his speech he said "Australia becoming a party to the Council of Europe Convention on Cybercrime will help combat criminal offences relating to forgery, fraud, child pornography, and infringement of copyright and intellectual property" 
By joining the Convention, Australian law enforcement agencies will be able to rapidly obtain data about communications relevant to cybercrimes from partner agencies around the world. With the Convention now in effect, Australia's investigative agencies are able to use new powers contained in the Cybercrime Legislation Amendment Act 2012 to work with cybercrime investigators around the globe. The Act amended certain Commonwealth cybercrime offences and enabled domestic agencies to access and share information relating to international investigations. Dreyfus says the Act also created new privacy protections, safeguards and reporting requirements for the exercise of new and existing powers.
"A warrant is always required to access the content of a communication whether the information is in Australia, or accessed from overseas under the Cybercrime Convention. The Cybercrime Act and the Cybercrime Convention do not impact in any way on the need to have a warrant to access content from a telephone call, SMS or e-mail." -Dreyfus said in his statement.


-Source (ZDNet)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

Posted by Avik Sarkar On 1/13/2013 05:51:00 pm

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

We all are aware of FBI's Internet Crime Complaint Center also known as IC3, which is protecting U.S. citizen from cyber criminals and attacks. But the cyber world is not limited to U.S. so as cyber criminals, and to get rid of this and while protecting every countries digital fence safe and secure there need to be organizations like IC3. All the growing and developing countries across the globe are in rush to ensue maximum digital and cyber security. This same rush and impact also applies for Europe countries and the result is in front of us. As the fight against cyber crime in Europe has got a new home. The European Cybercrime Centre (EC3) officially open its doors from this January 11, at the European Police Office, Europol in the Hague. In the middle of last year European Commission declared that are preparing a cybercrime center to fight against cyber threats. And after an effort of six months they made it possible and live for the people of Europe. Such organization will surely enhance the cyber security of European countries.  In the official press release EUROPA said "EC3 will be up and running to help protect European citizens and businesses from cyber-crime." 

EC3 officially commenced its activities on 1 January 2013 with a mandate to tackle the following areas of cybercrime: 
  • That committed by organised groups to generate large criminal profits such as online fraud
  • That which causes serious harm to the victim such as online child sexual exploitation
  • That which affects critical infrastructure and information systems in the European Union

According to the press release of European Commission - "The Cybercrime Centre will give a strong boost to the EU's capacity to fight cybercrime and defend an internet that is free, open and secure. Cybercriminals are smart and quick in using new technologies for criminal purposes; the EC3 will help us become even smarter and quicker to help prevent and fight their crimes", said Commissioner Malmström.
"In combatting cybercrime, with its borderless nature and huge ability for the criminals to hide, we need a flexible and adequate response. The European Cybercrime Centre is designed to deliver this expertise as a fusion centre, as a centre for operational investigative and forensic support, but also through its ability to mobilise all relevant resources in EU Member States to mitigate and reduce the threat from cybercriminals wherever they operate from", said Troels Oerting, Head of the European Cybercrime Centre
Investigations into online fraud, child abuse online and other cybercrimes regularly involve hundreds of victims at a time, and suspects in many different parts of the world. Operations of this magnitude cannot be successfully concluded by national police forces alone.
The opening of the European Cybercrime Centre (EC3) marks a significant shift in how the EU has been addressing cybercrime so far. Above all, the approach of the EC3 will be more forward-thinking and inclusive. It will pool expertise and information, support criminal investigations and promote EU-wide solutions.
The EC3 will focus on illegal online activities carried out by organised crime groups, especially attacks targeting e-banking and other online financial activities, online child sexual exploitation and those crimes that affect the critical infrastructure and information systems in the EU.
The Centre will also facilitate research and development and ensure capacity building among law enforcement, judges and prosecutors and will produce threat assessments, including trend analyses, forecasts and early warnings. In order to dismantle more cybercrime networks and prosecute more suspects, the EC3 will gather and process cybercrime related data and will provide a Cybercrime Help desk for EU countries' law enforcement units. It will offer operational support to EU countries (e.g. against intrusion, fraud, online child sexual abuse, etc.) and deliver high-level technical, analytical and forensic expertise in EU joint investigations. 

For Detailed Information Please Visit The Official Website of Europol's EC3 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

WikiLeaks Releases 'Detainee Policies' The Dark History of U.S. Post-9/11 Military Prisoners

Posted by Avik Sarkar On 10/26/2012 05:59:00 am

WikiLeaks Releases 'Detainee Policies' The Dark History of U.S. Post-9/11 Military Prisoners 

The WikiLeaks website began publishing the 'Detainee Policies' on Thursday what it said more than 100 classified or otherwise restricted files from the United States Department of Defense covering the rules and procedures for detainees in U.S. military custody. “The Detainee Policies,” a collection of more than a hundred once-secret files outlining America’s military detainee practices from Guantanamo to Iraq since 2002. WikiLeaks says it plans to release the files in chronological order to paint a picture of the evolution of America’s military detainee practices since September 11th in prisons from Guantanamo to Iraq to Europe. Unlike other recent releases, with the Detainee Policies WikiLeaks seems to be focusing on history more than news: Its first release is the 2002 Guantanamo Camp Delta standard operating procedure manual, a kind of prequel to the 2003 and 2004 manuals from camp it’s already published in past years. Other documents in the collection, WikiLeaks says, will show American attempts to “disappear” detainees by delaying the process of entering them into the detainment system’s records, or detail psychological torture methods. According to WikiLeaks official site - "Over the next month, WikiLeaks will release in chronological order the United States’ military detention policies followed for more than a decade. The documents include the Standard Operating Procedures (SOPs) of detention camps in Iraq and Cuba, interrogation manuals and Fragmentary Orders (FRAGOs) of changes to detainee policies and procedures. A number of the ’Detainee Policies’ relate to Camp Bucca in Iraq, but there are also Department of Defense-wide policies and documents relating to Abu Ghraib, Guantanamo Bay and European U.S. Army Prison facilities." 
According to the press release of WikiLeaks :-  The previously unpublished 2002 manual went on to shape successive years in the Guantanamo Bay prison complex and other U.S. military prisons around the world, such as Abu Ghraib. "This document is of significant historical importance. Guantanamo Bay has become the symbol for systematised human rights abuse in the West with good reason," said WikiLeaks founder Julian Assange. "But how is it that WikiLeaks has now published three years of Guantanamo Bay operating procedures, but the rest of the world’s press combined has published none?"
In relation to Iraq, the release includes Operation Orders (OPORD) regarding policies for screening and interrogating detainees. The documents also include routine instructions relating to staffing, scheduling of legal visitation, procedures for administering medical treatment, how medical records and daily staff journals are to be kept, cigarette rationing and what items are "authorised for detainee possession".
A number of what can only be described as ’policies of unaccountability’ will also be released. One such document is the 2005 document ’Policy on Assigning Detainee Internment Serial Numbers’. This document is concerned with discreetly ’disappearing’ detainees into the custody of other U.S. government agencies while keeping their names out of U.S. military central records – by systematically holding off from assigning a prisoner record number (ISN). Even references to this document are classified "SECRET//NOFORN". Detainees may be disposed of in this manner without leaving a significant paper trail.
Another formal policy of unaccountability is a 2008 Fragmentary Order that minimises the record-keeping surrounding interrogations. Following revelations of torture tapes and pictures from Abu Ghraib and the political scandal over the destruction of Central Intelligence Agency interrogation tapes, the FRAGO eliminates "the requirement to record interrogation sessions at Theatre Internment Facilities". Although the FRAGO goes on to state that interrogations that take place at Division Internment Facilities and Brigade Internment Facilities must be recorded, it then states that these should be "purged within 30 days". This policy was subsequently reversed by the new Obama administration.
WikiLeaks founder Julian Assange said: "The ’Detainee Policies’ show the anatomy of the beast that is post-9/11 detention, the carving out of a dark space where law and rights do not apply, where persons can be detained without a trace at the convenience of the U.S. Department of Defense. It shows the excesses of the early days of war against an unknown ’enemy’ and how these policies matured and evolved, ultimately deriving into the permanent state of exception that the United States now finds itself in, a decade later."
A number of documents relate to the policies surrounding the interrogation of detainees (2004, 2005, 2008). Direct physical violence is prohibited, in writing, but a formal policy of terrorising detainees during interrogations, combined with a policy of destroying interrogation recordings, has led to abuse and impunity. We learn of policies that apply to international forces: a 13-page interrogation policy document from 2005 relates to all personnel in the Multi-National Force–Iraq (MNF–I). It details "approved" "interrogation approaches". The documents detail the promotion of exploitative techniques such as the "Emotional Love Approach: Playing on the love a detained person has for family, homeland or comrades". In the "Fear Up (Harsh)" approach, by contrast, "the interrogator behaves in an overpowering manner with a loud and threatening voice in order to convince the source he does indeed have something to fear; that he has no option but to co-operate".
The ’Detainee Policies’ provide a more complete understanding of the instructions given to captors as well as the ’rights’ afforded to detainees. We call upon lawyers, NGOs, human rights activists and the public to mine the ’Detainee Policies’ and investigate important issues such as the denial of access to the ICRC (International Committee of the Red Cross) to detainee facilities, as well as to research and compare the different generations of SOPs and FRAGOs to help us better understand the evolution in these policies and why they have occurred. Publicise your findings using the hashtag #WLfindDP
Here we want to give you reminder that earlier in this year we got several leaks from WikiLeaks, among them -SpyFilesGI Files (Global Intelligence Files & Five Million E-mails From Stratfor) & The Syria Files Containing 2.5 Million Emails of Syrian Politicians, Govt, Ministries & Companies.  


For detailed information & to download to latest release by WikiLeaks on 'Detainee Policies' Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Facebook Outage in Many European Countries Not Caused By Anonymous But DNS Problem

Posted by Avik Sarkar On 10/14/2012 06:26:00 pm

Facebook Outage in Many European Countries Not Caused By Anonymous But DNS Problem 

World's most popular and largest social network Facebook faced another downtime. This time the outage effected millions of users in European countries including Denmark, France, NorwayGermany and Italy. After June this is the second outage which effected large number of Facebook users. Last time Facebook users faced disturbance while using their favorite social network. Facebook users across the globe experienced log-in difficulties for several hour. But this time, the social networking giant remain down for a decent time. The outage may have caused Facebook’s share price to go down. For a site with 900 million users worldwide, even a minor outage has a huge effect. Like the June issue, here also hacker collective came first and took credit of the outage. According to a twitter account of the hacktivist group named  Anonymous Own3r, took responsibility of the outage, In his tweet he claimed to figure out several vulnerabilities in Facebook, which causes the outage. In a pastebin note, the hacker publishes those so called vulnerabilities. Also in his tweet the hacker claimed to have control in many servers owned by Facebook. 

But Facebook completely denies the hacker attack & said the cause of the outage was nothing but DNS issue, neither hacker attack nor DDoS.  Here we want yo give you reminder that i2011 Anonymous openly declared to take down Facebook. The operation was dubbed #Op-Facebook and Anonymous told that they will hit FB on the 5th of November last year. But in reality it was just a threat and as expected Anonymous failed to execute Operation Facebook. Later in June this year, Anonymous took credit for a couple of hours outage of Facebook, and here again Anonymous affiliated member repeated the same story, which again proves completely baseless, and in short it was nothing but a publicity stunt. 

In case of large social network like Facebook, such kind of DNS issues can be happened. Whatever immediately after this outage Facebook released a statement saying -
"There has not been a hack of Facebook. We have investigated these claims, and they are not valid. The evidence cited was produced by an automated vulnerability scanner that alerts developers of potential vulnerability, and we have found these all to be false alerts.
We expect Anonymous just like we expect any other attack on any other day. Due to our size, we face the same threats as seen everywhere else on the Web, but we have developed partnerships, back-end systems, and protocols to confront the full range of security challenges we face. Facebook has always been committed to protecting our users’ information, and we will continue to innovate and work tirelessly to defend this data.
Earlier (Thursday), we made a change to DNS as part of a traffic-optimization test, and that change resulted in some users being temporarily misrouted. We detected and resolved the issue immediately, but a small number of users located primarily in Western Europe experienced issues accessing the site while the DNS addresses repopulated. We are now back to 100 percent, and we apologize for any inconvenience..."



-Source (All Facebook)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced

Posted by Avik Sarkar On 9/15/2012 03:47:00 pm

LinuxCon & Embedded Linux Conference Europe 2012 Schedule Announced 

The Linux Foundation declared the schedule of for the second LinuxCon Europe event, which will take place from 5 to 7 November in Barcelona, in Hotel Fira Palace, has been posted on the conference's web site. LinuxCon Europe will bring together the best and brightest that the Linux community has to offer, including community developers, system administrators, business executives and operations experts. LinuxCon Europe will deliver attendees top notch speaking talent (from across Europe and around the globe), innovative and abundant program content, and a wide variety of opportunities to connect with peers. Keynote speakers include Canonical founder Mark Shuttleworth and Eucalyptus CEO MÃ¥rten Mickos. The conference will also feature a discussion of the latest technical advancements in the Linux kernel between Linus Torvalds and Intel's Chief of Linux and Open Source Technologies Dirk Hondel. Scheduled talks include Google's Theodore Ts'o speaking on "Optimizing File System Performance When Memory is Tight" and a talk by Intel developer Marcel Holtmann on new challenges for network support in embedded and consumer applications of Linux. Red Hat employee Ric Wheeler is heading a panel of developers from several SSD caching projects who will discuss how SSDs can be used in Linux as caches for more traditional storage media. Projects that are covered in the schedule include LibreOffice, OpenStack, oVirt, LXC, systemd and Qt. 
Also the schedule for the co-located Embedded Linux Conference Europe has also been posted by Linux Foundation. Last year Embedded Linux Conference Europe (ELCE) took place at October in Prague. 


-Source (The-H & Linux Foundation)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hackers Shutdown Several Swedish Government Websites (#OpFreeAssange)

Posted by Avik Sarkar On 9/04/2012 03:34:00 pm

Hackers Shutdown Several Swedish Government Websites (#OpFreeAssange)

Operation Free Assange dubbed '#OpFreeAssange' continues. After British Home Office, Ministry of Justice and Hertfordshire Police now the supporter of  WikiLeaks have targeted several Swedish government websites. As expected here also the attacker follows the same mechanism and that is massive denial of service (DDoS), which effected the websites of the Swedish government portal, Armed Forces and the Swedish Institute. Niklas Englund, head of digital media at the Swedish Armed Forces, said it was unclear who was behind the so-called denial-of-service attacks, in which websites are overwhelmed with bogus traffic. But he noted that an unidentified group urging Sweden to take its ‘‘hands off Assange’’ claimed responsibility on Twitter. So far it is not clear whether the hacker is linked with infamous hacker collective group Anonymous. But we all know that not only Anon, but also hackers from different part of the world has already joined  #OpFreeAssange. This protest has becoming wilder day by day as activist are hitting hundreds & thousands of websites based on Europe, mainly UK everyday. 
Wikileaks founder Julian Assange has been sheltering at Ecuador’s Embassy in Britain since June 19 in an effort to avoid extradition to Sweden, where prosecutors want to question the founder of the secret-spilling WikiLeaks site over alleged sex crimes.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Outage Day -Google Talk & Twitter Knocked Offline For Hours

Posted by Avik Sarkar On 7/27/2012 12:05:00 am

Outage Day -Google Talk & Twitter Knocked Offline For Hours 

Yet again social networking giant Twitter faced massive cyber attacks which interrupts its normal service. Millions of people across the planet were having problems while accessing Twitter on Thursday, a day before the 2012 Olympic Games are expected to cause a spike in use of the micro-blogging site. The San Francisco-based company acknowledged the problem, saying "Users may be experiencing issues accessing Twitter. Our engineers are currently working to resolve the issue". Visitors to the site were greeted with a half-formed message partially in code saying that "Twitter is currently down."
At the time of outage, VOGH team took the above screen shot which clearly indicating that twitter was indeed down. Sluggishness or outages were reported from countries in North America, Europe, Asia, Latin America, the Middle East, and Africa. Some users were apparently able to post updates known as 'tweets' through their phones or third-party  applications. About an hour after issues were first spotted, service appeared to be restored in parts of the U.S. and Asia, but users elsewhere continued to report problems. So far Twitter did not confirmed the reason of this disturbance. But its predictable that the cause of this outage was either cyber attack or some kind of technical issues. We also like to remind you that, this is not the first time; last month a hacker collective group named UG Nazi performed massive denial of service attack which send Twitter offline for a certain peroid. 

_________

Not only Twitter, Google Talk the popular instant messaging service used by millions across the world, suffered a massive outage lasting over four hours. The outage, which started around 4PM India time, affected users across the world. Millions of Google Talk users around the globe reported that they could log into the service, saw their contacts with the respective status but failed to send messages to them. Some other users could not log in. Google immediately acknowledged that Google Talk service was having some issues at 4.10pm, saying, "We're investigating reports of an issue with Google Talk."
The service is not only used by people to keep in touch with friends but has also become a popular way to interact with co-workers in offices.
According to Google, the service was restored around 8.25pm. "Google Talk service has already been restored for some users, and we expect a resolution for all users in the near future. Please note this time frame is an estimate and may change," said the company. Nearly 40 minutes after this message, the company declared that Google Talk service was fully restored. "The problem with Google Talk should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better," it said. Earlier, Google responded fast to the problem. 
"We're aware of a problem with Google Talk affecting a majority of users. The affected users are able to access Google Talk, but are seeing error messages and/or other unexpected behavior. We will provide an update by 7/26/12 5.20pm detailing when we expect to resolve the problem. Please note that this resolution time is an estimate and may change," the company said on the status page of Google Talk app. After that the company provided hourly report on the outage.
However, like Twitter Google also did not explain what caused the outage and how many users were affected by it.


-Source (TOI)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DDoS Attack Send Twitter Offline, Lady Hacker Named 'Cosmo' From 'UGNazi' Took Responsibility

Posted by Avik Sarkar On 6/24/2012 05:41:00 pm

DDoS Attack Send Twitter Offline, Lady Hacker Named 'Cosmo' From 'UGNazi' Took Responsibility

One of the world famous and widely used social network Twitter again faced cyber attack. This time the site was unavailable for over 30 minutes in countries all over the world from Europe through to Asia. As expected the reason behind this outage is massive denial of service attack. According to the report of Telegraph an infamous hacker group named Underground Nazi also known as UG Nazi affiliated with hacktivist LulzSec, immediately, claimed responsibility for the downage attributing it to a prolonged DDoS attack. A lady hacker codenamed Cosmo, claimed taking down the site had been 'surprisingly simple'. "It wasn't really difficult at all, I myself honestly thought Twitter would be more protected from a DDoS Attack, but I guess not," she added. 
Meanwhile twitter completely denied the whole phenomena. A spokesman for Twitter said the issue was caused by 'a cascaded bug in one of our infrastructure components'. He declined to say whether it was a technical failure or a malicious attack.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Introduced Dedicated Windows Phone Store (Waha Store) in UAE

Posted by Avik Sarkar On 4/18/2012 10:50:00 pm

Microsoft Introduced Dedicated Windows Phone Store (Waha Store) in UAE 
Software giant Microsoft in collaboration with global wireless distributor Brightpoint Middle East has launched a dedicated Windows Phone E-commerce store in the United Arab Emirates. The site, named the Waha Store (after oasis) will provide a convenient, reliable and centralized destination for consumers across the country to purchase the latest Windows Phones from a variety of OEMs. Shoppers will have the opportunity to compare various models, read reviews, and watch demo videos. The Waha user interface mirrors the Windows Phone experience, enabling shoppers to immediately familiarize with the operating system and ‘Metro’ design style. Shoppers will also have the opportunity to compare various models, read reviews, and watch demo videos, to get a good understanding of the product range and features. The site’s integrated social media platform will bring people together, by allowing them to make recommendations and share their activities with friends, family and colleagues.
The newly-designed user navigation reflects how people work, play and communicate: so-called hubs (such as contacts, photos, and games), bundle applications and the internet are organised into useful topic areas and help users to efficiently manage their work and private life.
Anurag Gupta, president of Brightpoint Europe, Middle East and Africa, said: “Our expertise in offering e-commerce and supply chain solutions will make Waha the go-to place for all UAE customers who have been awaiting a well-functioning channel to access Windows Phones. We look forward to supporting Waha’s launch in other countries in the Middle East and Africa, as we continue to expand our presence in the region.”
“We are very pleased to bring Windows Phones to early-adopter smartphone consumers in the UAE, where there has been growing excitement about the launch,” said Samer Ramez Abu-Ltaif, regional general manager, Microsoft Gulf Region. “Customers need a dependable way to obtain accurate information on, and securely purchase, the latest mobile handsets; and Waha Store provides exactly that – your Windows Phone oasis.” Unfortunately the store precedes the availability of the Windows Phone Marketplace in the region, but this will become available in the UAE “in the next few months.”




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Utah Department of Health Hacked- Over 181,000 Records & 25,000 SSNs Stolen

Posted by Avik Sarkar On 4/09/2012 12:56:00 pm

Utah Department of Health Hacked- Over 181,000 Records & 25,000 SSN Stolen
Friday Utah Department of Health officials confirms that hackers who broke into state computers last weekend stole far more medical records than originally thought, and the data likely includes Social Security numbers of children who have received public assistance. It has been found that 181,604 Medicaid/CHIP recipients have had their personal information stolen & also 25,096 have had their Social Security numbers (SSNs) compromised. The information was stolen from a new server at the Health Department, Weiss said. Although the state has multiple layers of security on every server, a technician installed a password that wasn't as secure as needed. The agency is cooperating with law enforcement in a criminal investigation. The hackers, who are believed to be located in Eastern Europe, breached the server in question on March 30, 2012. DTS had recently moved the claims records to a new server, which had a configuration error at the authentication level, allowing hackers to circumvent the security system. DTS says it shut down the affected server, implemented new security measures, is reviewed every server in the state to ensure proper security measures are in place, identified where the breakdown occurred, and has implemented new processes to ensure this type of breach will not happen again.
“We understand clients are worried about who may have accessed their personal information, and that many of them feel violated by having their information compromised,” UDOH Deputy Director Michael Hales said in a statement. “But we also hope they understand we are doing everything we can to protect them from further harm.” Clients whose information was stolen will be alerted, with the first priority being those whose Social Security numbers were taken, Health Department spokesman Tom Hudachko said. The department is offering free credit monitoring for a year to anyone who information was stolen and has established a hotline for concerned clients to call.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DuckDuckGo Trying To Beat Google With Simplicity & Strict Privacy Protections Features

Posted by Avik Sarkar On 4/03/2012 01:53:00 pm

DuckDuckGo Trying To Beat Google With Simplicity & Strict Privacy Protections Features 

Nowadays Google is facing massive criticism  for changes Google made in the way it displays search results, putting content from Google’s social network, Google Plus, up front and center, even when it doesn’t seem to make sense. Add to that concerns from users and regulators over Google’s new privacy policy, and Google search has had a difficult 2012 so far, to say the least. In contrast, the fortunes of a relatively unknown search engine focused on privacy, called DuckDuckGo, have never been better. DuckDuckGo, which promotes its simplicity and strict privacy protections over competitors, has experienced a record surge in traffic over the past three months, up 227 percent to nearly 1.5 million unique searches daily. DuckDuckGo’s founder Gabriel Weinberg said that he knew the tide was turning when his four-year-old search engine saw a million searches per day on February 14. In terms of U.S. search market, DuckDuckGo only accounts for an estimated 0.1 percent of all search traffic, according to results from tracking firm comScore. But it’s worth pointing out that fully half of DuckDuckGo’s traffic comes from overseas, mostly Europe, according to Weinberg. Another big change coming: DuckDuckGo plans to launch redesigned mobile apps for iOS (iPhone/iPad) and Android devices within the next 5 months. DuckDuckGo was launched in 2008, when Google’s stranglehold on the global search was reaching its current plateau.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

European Parliament Proposed Strict Punishment For Hackers

Posted by Avik Sarkar On 4/02/2012 03:18:00 am

European Parliament Proposed Strict Punishment For Hackers 

Europe countries are now taking cyber crimes more seriously. Recently The Civil Liberties Committee of the European Parliament has backed a draft law which immediately increases punishment for cyber criminals for attacks on IT systems within EU member states to at least two years of prison. Possessing or distributing hacking software and tools would also be regarded as an offense, and companies would be liable for cyber attacks committed for their benefit. If an attacker engaged a Denial of Service attack (DoS) or an attack through botnet, then immediately he will be sent behind bar for at-least five years
The proposal, which would update existing EU legislation on cyber attacks, was approved with by 50 votes in favour, 1 against and 3 abstentions. "We are dealing here with serious criminal attacks, some of which are even conducted by criminal organizations. The financial damage caused for companies, private users and the public side amounts to several billions each year" said rapporteur Monika Hohlmeier (EPP, DE). "No car manufacturer may send a car without a seatbelt into the streets. And if this happens, the company will be held liable for any damage. These rules must also apply in the virtual world" she added. 
  • Other Punishable Offenses :- 
IP spoofing-
Using another person's electronic identity (e.g. by "spoofing" their IP address), to commit an attack, and causing prejudice to the rightful identity owner would also be an aggravating circumstance - for which MEPs say Member States must set a maximum penalty of at least three years. MEPs also propose tougher penalties if the attack is committed by a criminal organisation and/or if it targets critical infrastructure such as the IT systems of power plants or transport networks. However, no criminal sanctions should apply to "minor cases", i.e. when the damage caused by the offence is insignificant.
Cyber-attack tools -
The proposal also targets tools used to commit offences: the production or sale of devices such as computer programs designed for cyber-attacks, or which find a computer password by which an information system can be accessed, would constitute criminal offences. Liability of legal persons Legal persons would be liable for offences committed for their benefit (e.g. a company would be liable for hiring a hacker to get access to a competitor's database), whether deliberately or through a lack of supervision. They would also face penalties such as exclusion for entitlement to public benefits or judicial winding-up. To resist cross-border cyber-attacks, Member States need to ensure that their networks of national contact points are available round the clock, and can respond to urgent requests within a maximum of eight hours, says the text.
Background -
Large-scale cyber-attacks took place in Estonia in 2007 and Lithuania in 2008. In March 2009, public and private sector IT systems in more than 103 countries were attacked using a "zombie" network of compromised, infected computers.
Next steps -
The Rapporteur aims for a political agreement between Parliament and Council on this Directive by the summer.


-Source (European Parliament / News)



 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search