Showing posts sorted by date for query cyber theft. Sort by relevance Show all posts
Showing posts sorted by date for query cyber theft. Sort by relevance Show all posts

The U.S. Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?

Posted by Avik Sarkar On 2/10/2014 07:32:00 pm

The Food & Drug Administration (FDA) Hack - What is Big Pharma Hiding From You?
During the summer of last year, there was a growing controversy surrounding the FDA’s request to hackers to expose holes in medical devices security, such as insulin devices and other wireless and computer connected home and hospital devices. Understandably, many hackers and security experts were not particularly keen to attempt or test the security of these devices, for fear of incorrect perception, and potential outcry. In December last year, the FDA was itself the target of an hacking operation, in particular the system used by pharmaceutical companies to input data on drug tests, results, clinical trials, and so on. Whether this was an attack by cyber thieves, as the FDA claims, or hacktivists remains to be seen. 

Corporate Theft or Exposing the Truth?
The FDA of course, was quick to denounce the attack as a cyber theft. The information reported to have been accessed included medical trial data, marketing information and strategy, and information about drug manufacturing. While on the surface, we could very well accept that this could be a simple case of corporate espionage, it is worth remembering that any company that wants drug approval in the US has to go through the FDA first. Is running the risk of potentially alienating the very body that approves your products a strategy that a multi billion dollar pharmaceutical company would really undertake? While it can’t be rules out as a possibility, unless the hackers come forward, it does seem unlikely. It’s also important to remember that there is a large amount of controversy surrounding the pharmaceutical industry all over the world, but especially in the states. Could hacktivists have been responsible for the attack? If so, what could be the causes for such as attack? As we will see, there may be more than we might initially think.

Practice and Method - How Big Pharma Operates
In the US alone, it is estimated that around 70% of the population takes prescription drugs. Given the amount of people in the US is estimated to be over 300 million, that is a staggering number. With such a large amount of people taking these drugs, addiction rates are rising rapidly - so much so, that currently prescription addicts are more common than illegal drug addicts. It is a very real problem that continues to be skirted around by the US regulators and administration. In fact, where as knowing the signs of heroin or crack cocaine addiction were important pieces of information for people who suspected they may have an addict among friends or family, the same is now true for widely available prescription drugs, and many Americans are being encouraged to learn more about the potential causes and signs of prescription drug abuse, by drug charities and non profit institutions.
At the center of this problem lies the pharmaceutical industry. Adverts for medications are common, and standard practice for getting new drugs to market includes rigging clinical trials to get the desired results in clever ways that do not outright break the law, invasive marketing schemes on family doctors and consumers, where doctors will often be offered ‘sweeteners’ such as free lunches, travel to events, or even help building their reputation as speakers at industry funded conferences. The FDA is also, despite being an independent regulatory body, often effectively ‘bought out’ by companies looking to get drugs to market fast. There is the additional problem that all drug test data is not available for public consumption, meaning academics and doctors are unable to view results of tests or trials for themselves. This has led to a number of large law suits in the US, and around the world, as well as in extreme cases, deaths directly related to withheld side affects of new drugs.

Coincidence or Calculated?
We might then speculate on the nature of the accessed data once again. Bearing in mind the nature of how the industry operates, and the information that was accessed, we could quite easily draw a link between the two, and surmise that the hack may well have been the work of a hacktivist movement. Of course, there is no way to prove whether this was the case or not, but given the ambitious actions of a number of groups over the last few years, it certainly can’t be ruled out.

Disclaimer:- At perfection Team VOGH felicitate Eve Halton for sharing this luminous article with our readers. Eve is a very much passionate Fleet Street, she  has done her graduation in International Business and Journalism. Eve, this time also you have done eminent job, we love you :)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Cupid Media Network Breach Exposes 42 Million Passwords in Plain Text

Posted by Avik Sarkar On 11/30/2013 03:30:00 am

Cupid Media Network Breach Exposes 42 Million Passwords in Plain Text (Uunencrypted)

Cupid Media one of the leading niche online dating network that have more than 35 large online dating website, faced a massive intrusion that effects more than 42 million of its registered users. From an exclusive report of Kerbs On Security we came to know that the breach was taken earlier in this year. Where the hackers managed to gain access into the crucial servers belongings to Cupid Media network. According to the managing director of Cupid Media, Mr Andrew Bolton - "In January we detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts.” After a preliminary investigation it has been found that the purloined database of Australia-based niche dating service Cupid Media was found on the same server where hackers had amassed tens of millions of records stolen from AdobeMore than 42 million peoples' unencrypted names, dates of birth, email addresses and passwords have been found from the pinched database. I am very much wearied to see that a high value site like Cupid is unconcerned about the basic security counter measure. Even their confidential tables remained unencrypted which allows the hacker to gain the personal information in plain text. Like the Cupid Media security team, the registered users also found very much inadvertent and unaware of basic security measures. I am saying this because of the leaked passwords, almost two million picked "123456", and over 1.2 million chose "111111". "iloveyou" and "lovely" both beat out "password", and while 40,000 chose "qwerty", 20,000 chose the bottom row of the keyboard instead - yielding the password "zxcvbnm"
Jason Hart of famous data protection firm Safenet said "The true impact of the breach is likely to be huge. Yet, if this data had been encrypted in the first place then all hackers would have found is scrambled information, rendering the theft pointless."
This security breach of Cupid Media reminds us  the decent history of breach where we have seen a slew of attacks against the following sites: Drupal.org  Scribd, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo,  Nvidia,Blizzard, Philips, Zynga, VMWare, Adobe,  Twitter,  New York Times, Apple and so on. While covering this story on behalf of VOGH, I am warning our readers across the globe to use strong alphanumeric passwords to avoid such disaster. Also the webmasters and security administrator are highly recommended to use salted encryption in their database to prevent fortuitousness cyber attack


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Stratfor Hacker Jeremy Hammond Sentenced to 120 Months in Prison

Posted by Avik Sarkar On 11/17/2013 06:30:00 pm

LulzSec Hacker Jeremy Hammond Sentenced to 120 Months in Prison For Stratfor Hack

Infamous hacker Jeremy Hammond convicted by the Judge for cyber-attacks on government agencies and businesses, including a global intelligence company. This 28 year old Chicago hacker who is also known as "Anarchaos" was arrested by the federal authorities and been charged for the  breach of the security analysis company Stratfor. In December last year the bail application of Hammond was also been rejected by the the U.S. District Judge Loretta Preska. On June this year Hammond pleaded guilty for his sin. In his statement he said "I have pleaded guilty, it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites." 
That guilty plea indeed worked out for him, as that time it was predicated that Hammond  might have to face 30 years in prison, but on Friday Judge Loretta Preska sentenced Hammond to 120 months in federal prison and three years of supervised release for illegally accessing computers systems of law enforcement agencies and government contractors. In an emotional proceeding that lasted more than 2 hours in a Manhattan federal court room on Friday, victims and relatives of Hammond railed against the FBI and shed tears on his behalf following the sentencing. One overwrought person claiming to be a victim was forcibly escorted from the court by officers. But Hammond likely knew the sentence was coming, his lawyer said. "When Jeremy took this plea with a 10-year maximum, I think he understood this was very likely the outcome," said Sarah Kunstler, Hammond's defense attorney outside of court house.
Chief U.S. District Judge Loretta A. Preska said Hammond's digital handiwork had compromised thousands of people's personal and financial data, including the unpublished phone numbers and addresses of law enforcement, who then received threats. Hammond tried unsuccessfully to argue that his actions were politically motivated, she said. Hammond pleaded guilty to a single charge with a 10-year maximum sentence. Still his lawyers are asking to reduce his punishment for a sentence of 20 months.
Hammond has been held without bail since his arrest in March on charges connected with last year's hacking of Strategic Forecasting, or Stratfor, an Austin, Texas-based international intelligence broker, by AntiSec, an offshoot of LulzSec, which is in turn an offshoot of the hacktivist collective AnonymousProsecutors say the hack of Austin, Texas-based Strategic Forecasting resulted in the theft of 60,000 credit-card numbers and records for 860,000 clients. The government alleges that he published some of that information online, and used some of the stolen credit card data to run up at least $700,000 in unauthorized charges. He is also accused of giving about five million internal emails to WikiLeaks, which were published under the name The Global Intelligence Files.


-Source (Fox News)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders

Posted by Avik Sarkar On 3/18/2013 04:15:00 am

'The Secret Files'- Hackers Exposed Personal Details of Celebrities, Public Figure, FBI Director & National Leaders 

Yet again celebrities fallen victim to cyber attack, no this time not the nude photo but confidential personal information. Renowned public figure, national leaders, celebrities like Kim Kardashian, US Vice President Joe Biden, Hillary Clinton, Mel Gibson, Michelle Obama, Ashton Kutcher, Jay Z, Beyoncé, Paris Hilton, Britney Spears, Sarah Palin, Hulk Hogan, Donald Trump and Arnold Schwarzenegger together became prey. The list does not end here, the hacker catches two more big fishes in his net and they are head of the Los Angeles police force Charlie Beck and FBI Director Robert Mueller. Many of you might be astonished of how such big public figure, including Vice President, FBI Director became victim in single round of cyber attack! Let me tell you what exactly happened- the hacked data dubbed "The Secret Files" by the hackers contains personal information and credit reports (including social security numbers, details of their mortgages, addresses, and details of their credit card and banking details) was made public by those hackers on a new website, as shown in the picture below. 

The hacker left a message or in other word a satire while saying "The Secret Files - If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve." Such hack, is very rare, where numbers of big fish get caught. The nature of this hack can be categorized as a clear identity theft. But the question is how? Well the answer is some of the United States' top credit bureaus have come forward and acknowledged that fraudulent and unauthorized access to the records of well-known figures have taken place. Most of the reports were apparently obtained from one of the three major U.S. credit ratings agencies Equifax, TransUnion and Experian — via a special Internet portal they maintain for the public to check their own credit ratings. All three companies have said that some of their reports had been fraudulently accessed since Monday by someone using personal data about the victims. Security experts said that suggests the attack is a “social hack” rather than a classic cyber security data breach


-Source (Sophos & WT)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

White House Calls China to Stop Hacking & Cyber Espionage Against U.S.

Posted by Avik Sarkar On 3/15/2013 12:49:00 am

White House Calls China to Stop Hacking & Cyber Espionage Against U.S.

The story of cyber espionage by Chinese hackers used to remain on the spot light due to its consistency, but now the situation get nasty and takes a new way as the national security adviser of U.S. President Obama directly pointed his finger to China. Many of our readers might take this issue lightly as earlier China has been blamed for engaging cyber attacks against different countries for many times. But this time there is a twist as the U.S. government vows to take the issue in a very serious manner. In his speech the national security advisory Tom Donilon said that "The international community cannot afford to tolerate such activity from any country," Like earlier China has denied any type of involvement and condemned the report for lack of hard evidence. But this time such reaction will not at all be entertained as the president said in the State of the Union, "we will take action to protect our economy against cyberthreats." The above two statements can be taken in both friendly warning or also in a serious threat. The White House already warned China to end the campaign of cyber espionage against U.S. companies, saying in its toughest language yet on the issue that the hacking activity threatens to derail efforts to build stronger ties between the two countries. 
Donilon did not directly accuse the Chinese government of launching the attacks on U.S. computer systems, only noting that the attacks are coming from inside the country. "Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale," he said. Another important message came from the Obama administration saying United States “will not accept North Korea as a nuclear state” and called on Chinese leaders to get serious about cracking down on cyber-related crimes. 
While covering this story we would like to remind you that couple of weeks ago Chinese officials issued a same complain against United States where they blamed U.S. for engaging massive cyber attacks against Chinese military and defense system. If you look at the story of major cyber attacks of last few days we will find that the name of China has been involved several times for engaging cyber attacks against several high profile websites and organization of U.S. including New York TimesTwitterNBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power GridAlso in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 


-Source (The Hill, Cnet & WT)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

Posted by Avik Sarkar On 2/25/2013 02:07:00 pm

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

The month of February is still going from bad to worse for the cyber domain, in this very month cyber criminals swallowed the security system of many giant companies like Facebook, Twitter, Apple, New York Times and many more. But the game is not over yet, as we have just passed a few weeks, when the attack on NY Times took place, which stolen the employ database; yet again the cyber criminals have targeted another media giant National Broadcasting Company widely known as NBC. During the attack, hackers have successfully gain access inside the server of NBC and planted malware, in order to harm innocent readers. Famous security expert and blogger Brian Krebs said that the hackers inserted code into the NBC.com homepage. This caused visiting browsers to load pages from third-party sites that were compromised. While explaining the nature of the attacker, Krebs said; "The compromised sites tried to foist the Citadel Trojan, a variant of the Zeus Trojan." The Zeus is a "sophisticated data theft tool that steals passwords and allows attackers to control machines remotely" he added. Not only the NBC’s home page, also several others were affected, including the pages of late night talk show hosts Jay Leno and Jimmy Fallon. Well known security firm Sophos explained how roughly attack played out, and how NBC got sucked into the equation:
  • NBC's hacked pages were altered to add some malicious JavaScript that ran in your browser.
  • The JavaScript injected an additional HTML component known as an IFRAME (inline frame) into the web page.
  • The IFRAME sucked in further malicious content from websites infected with an exploit kit known as RedKit.
  • The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug.
  • If the exploit worked on your computer, financially-related crimeware from the Citadel or ZeroAccess families was installed.
This, of course, is an example of a dreaded drive-by download, where the crooks use a cascade of tricks to download, install and execute software without going through any of the warnings or confirmation dialog you might expect. This, in turn, means that even if you are a careful and well-informed user, you may end up in trouble, since there are no obvious signs that you are doing anything risky, or even unexpected.
As soon as this story get spotted the American commercial broadcasting television network, NBC News reported and confirmed that its site had been attacked. The broadcaster released the following statement regarding the website: "We've identified the problem and are working to resolve it. No user information has been compromised."
The emergency response team immediately take the situation under control and restored the website, and confirmed that the site is back again and completely safe for its visitors. But so far there is no evidence of attackers who were involved in this attack. For the safety of VOGH readers we would like to recommend you to update your operating systems and browser plugins. Also note that the attack on NBC was similar to many that have occurred in recent years in that the malicious sites tried to exploit vulnerabilities in Java. So it will better to disable Java, unless it is that much necessary. So stay tuned with VOGH and be safe in the cyber domain. 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

'Data Theft' A Serious Issue! Be Watch Full, Be Safe

Posted by Avik Sarkar On 2/20/2013 06:52:00 pm

Hidden Costs of 'Data Theft' A Serious Issue! What You Need to Know to Be Safe 

Sitting at the edge of technology, we the people of this century are blessed with all the required equipment  which makes our work so easy that one could have even imagined three hundred years ago. Along with these positive sides, we must have to keep in mind that, these technologies not only elaborating our effort  making life easier, but also posing  high level of threat. As the main concern of VOGH is cyber domain, so here w would like to share a fact which will make you think and even make your cyber life and your personal life too uncanny. Yes, I am talking about the rising cyber threats; the more we are shedding with technologies, the more we are involving our lives with some dangerous threats and challenges. Now a days cyber criminals are every where, you don't even know, what trap has already been set for you, that can ruin your happy life. One of the big example is "Data Theft" which becoming boomerang for us. In an age of fully digitized data, consumers and businesses can lose thousands of dollars in the blink of a hacker’s eye. The costs of data theft are well known to anyone who has ever found themselves victim to financial identity or medical record fraud. What few of us realize is that the procedures required to right a financial wrong are often costlier than the crimes themselves. Lets share some interesting statistic, which will surely put terror in your mind - the economy loses an average of $22,346 for every time an identity is stolen. And to fully recuperate losses, repair credit and prosecute fraudsters, consumers, accountants, lawyers and IRS officials can spend up to 5,000 hours, the equivalent of two years of full-time work on a single case. Even so, 60% of medical record fraud victims admit that they don’t monitor their medical statements for inconsistencies. 

Shocking!! Why not?

For one, most consumers don’t have time every month to file through complex medical or financial statements and check for accuracy. And secondly, the image of thousands of evil savants working around the clock to hack BOA databases sure makes a consumer feel helpless. Identity theft seems random and unpreventable–a stroke of bad luck like getting struck by lightning. If we are struck, we tell ourselves, banks, credit agencies and insurance companies are legally bound to recover our funds and correct our records. 

Now lets check out a fascinating video in our Hidden Costs Series to get a deeper look at how our high-cost, high-risk data management systems really work.



Hidden Costs of Data Theft (Statistic At a Glance):-


Data theft includes financial identity theft, identity cloning, and medical identity theft. The average cost per victim was $22,346 in 2012. And the total national cost of just medical identity fraud was $41 billion in 2012. The worst part – nearly 60% of reported victims say they don’t ever check their medical records for fraud. Depending on the severity of the case, it can take over 5,000 hours (the equivalent of working a full-time job for two years) to correct the damage.
Since 1935, over 435 million social security cards have been issued. That’s over 2,175 tons of paper issued as cards, or 52,200 trees and 5 million new cards are issued every year. 
Worldwide, digital warehouses storing private information, like banking and personal history, use about 30 billion watts of electricity, which equals roughly the output of 30 nuclear power plants. Data centers in the US make up almost a third of that usage, and waste 90% of the electricity they pull off the grid.
On average, 47% of victims encounter problems qualifying for a new loan and 70% have difficulty removing the negative information from their credit reports.
Over the next five years, the IRS stands to lose as much as $21 billion in revenue due to identity theft, and worldwide, businesses lose close to $221 billion a year with the US, UK, Canada and Australia ranking the highest in reported fraudulent activity.


After reading the above story carefully, many of you will feel insecure and panic. But I would like to inform you that the main purpose of sharing such important information, is to enhance carefulness, to rise cyber awareness. Many people became victim, not because of less knowledge, but of less information, less awareness. So from now onward before connecting your self into the digital world make sure that the significant & the emergent knowledge and information you have gathered from the article, should remain intact inside your brain. Trust me, if you became a bit cautious, you can easily get rid of all those cyber threats, and can enjoy the bless of technologies to make your life prosperous and happy. 

So stay tuned with VOGH and also be canny, be attentive and be safe inside the digital world. 

We the Team VOGH heartily thanks one of our invaluable reader and friend Emily Stewart of Insurance Quotes for the statistic and the awesome video. We love you Emily :) 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Anonymous Hacked MIT Website & Left Tribute Message For Aaron Swartz

Posted by Avik Sarkar On 1/16/2013 06:57:00 pm

Anonymous Hacked MIT Website & Left Tribute Message For Aaron Swartz

We have just passed a few days when the shocking news of Aaron Swartz's suicide take down the entire Internet and specially the cyber world. Swartz, a political activist and computer programmer, reportedly hanged himself last week in his Brooklyn apartment as he awaited trial on 13 felony counts for downloading and publishing roughly 4 million academic journal articles from the database JSTOR. Hours after the Massachusetts Institute of Technology posted a pledge to investigate its involvement in events associated with the suicide of Aaron Swartz. But this step of MIT was not enough as the hacktivist group Anonymous taken this issue very seriously and started a campaign in which they targeted several websites of MIT. From 4 p.m. to 7:50 p.m. PT on Sunday evening, M.I.T.'s network lost access to most websites, including mit.edu, where Anonymous posted a red-lettered tribute message in Swartz's honor saying -

“Whether or not the government contributed to his suicide, the government’s prosecution of Swartz was a grotesque miscarriage of justice, a distorted and perverse shadow of the justice that Aaron died fighting for — freeing the publicly-funded scientific literature from a publishing system that makes it inaccessible to most of those who paid for it — enabling the collective betterment of the world through the facilitation of sharing — an ideal that we should all support,” 

Kimberly Allen, the media relations manager at M.I.T., did not immediately respond to a call from TheWrap requesting comment.
M.I.T. President Rafael Reif asked computer science professor Hal Abelson on Sunday to "lead a thorough analysis of M.I.T.'s involvement from" in Swartz's case. According to sources The Department of Justice dropped charges against Swartz on Monday, standard policy for when a defendant dies. JSTOR, which said it settled its claims against Swartz in June 2011, said it was "saddened" to hear of his death.
"We extend our heartfelt condolences to Aaron’s family, friends, and everyone who loved, knew, and admired him," it said in a post on its website. "He was a truly gifted person who made important contributions to the development of the internet and the web from which we all benefit."

Here is the full Message of Anonymous posted on MIT's website:-


"In Memoriam, Aaron Swartz, November 8, 1986 – January 11, 2013, Requiescat in pace.
A brief message from Anonymous.
Whether or not the government contributed to his suicide, the government’s prosecution of Swartz was a grotesque miscarriage of justice, a distorted and perverse shadow of the justice that Aaron died fighting for — freeing the publicly-funded scientific literature from a publishing system that makes it inaccessible to most of those who paid for it — enabling the collective betterment of the world through the facilitation of sharing — an ideal that we should all support.
Moreover, the situation Aaron found himself in highlights the injustice of U.S. computer crime laws, particularly their punishment regimes, and the highly-questionable justice of pre-trial bargaining. Aaron’s act was undoubtedly political activism; it had tragic consequences.
Our wishes
  • We call for this tragedy to be a basis for reform of computer crime laws, and the overzealous prosecutors who use them.
  • We call for this tragedy to be a basis for reform of copyright and intellectual property law, returning it to the proper principles of common good to the many, rather than private gain to the few.
  • We call for this tragedy to be a basis for greater recognition of the oppression and injustices heaped daily by certain persons and institutions of authority upon anyone who dares to stand up and be counted for their beliefs, and for greater solidarity and mutual aid in response.
  • We call for this tragedy to be a basis for a renewed and unwavering commitment to a free and unfettered internet, spared from censorship with equality of access and franchise for all.
For in the end, we will not be judged according to what we give, but according to what we keep to ourselves.
Aaron, we will sorely miss your friendship, and your help in building a better world. May you read in peace.
—-
Who was Aaron Swartz? A hero in the SOPA/PIPA campaign, Reddit cofounder, RSS, Demand Progress, Avaaz, etc…:
—-
Guerilla Open Access Manifesto
Information is power. But like all power, there are those who want to keep it for themselves. The world’s entire scientific and cultural heritage, published over centuries in books and journals, is increasingly being digitized and locked up by a handful of private corporations. Want to read the papers featuring the most famous results of the sciences? You’ll need to send enormous amounts to publishers like Reed Elsevier.
There are those struggling to change this. The Open Access Movement has fought valiantly to ensure that scientists do not sign their copyrights away but instead ensure their work is published on the Internet, under terms that allow anyone to access it. But even under the best scenarios, their work will only apply to things published in the future. Everything up until now will have been lost.
That is too high a price to pay. Forcing academics to pay money to read the work of their colleagues? Scanning entire libraries but only allowing the folks at Google to read them? Providing scientific articles to those at elite universities in the First World, but not to children in the Global South? It’s outrageous and unacceptable.
“I agree,” many say, “but what can we do? The companies hold the copyrights, they make enormous amounts of money by charging for access, and it’s perfectly legal — there’s nothing we can do to stop them.” But there is something we can, something that’s already being done: we can fight back.
Those with access to these resources — students, librarians, scientists — you have been given a privilege. You get to feed at this banquet of knowledge while the rest of the world is locked out. But you need not — indeed, morally, you cannot — keep this privilege for yourselves. You have a duty to share it with the world. And you have: trading passwords with colleagues, filling download requests for friends.
Meanwhile, those who have been locked out are not standing idly by. You have been sneaking through holes and climbing over fences, liberating the information locked up by the publishers and sharing them with your friends.
But all of this action goes on in the dark, hidden underground. It’s called stealing or piracy, as if sharing a wealth of knowledge were the moral equivalent of plundering a ship and murdering its crew. But sharing isn’t immoral — it’s a moral imperative. Only those blinded by greed would refuse to let a friend make a copy.
Large corporations, of course, are blinded by greed. The laws under which they operate require it — their shareholders would revolt at anything less. And the politicians they have bought off back them, passing laws giving them the exclusive power to decide who can make copies.
There is no justice in following unjust laws. It’s time to come into the light and, in the grand tradition of civil disobedience, declare our opposition to this private theft of public culture.
We need to take information, wherever it is stored, make our copies and share them with the world. We need to take stuff that’s out of copyright and add it to the archive. We need to buy secret databases and put them on the Web. We need to download scientific journals and upload them to file sharing networks. We need to fight for Guerilla Open Access.
With enough of us, around the world, we’ll not just send a strong message opposing the privatization of knowledge — we’ll make it a thing of the past. Will you join us?
Aaron Swartz
July 2008, Eremo, Italy
—–
You were the best of us; may you yet bring out the best in us.
-Anonymous, Jan 13, 2013.
—-
(Postscript: We tender apologies to the administrators at MIT for this temporary use of their websites. We understand that it is a time of soul-searching for all those within this great institution as much — perhaps for some involved even more so — than it is for the greater internet community. We do not consign blame or responsibility upon MIT for what has happened, but call for all those feel heavy-hearted in their proximity to this awful loss to acknowledge instead the responsibility they have — that we all have — to build and safeguard a future that would make Aaron proud, and honour the ideals and dedication that burnt so brightly within him by embodying them in thought and word and action..."


VOGH Reaction:- There is nothing much to say, we are speechless after what happened. Swartz suicide is surely a defeat of freedom. Last but not least VOGH team along with the whole cyber world will miss Aaron Swartz, RIP!


-Source (TC & Wired)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hacker Steals 3.6 Million South Carolina Social Security No & Also Exposed 387,000 Card Details

Posted by Avik Sarkar On 10/29/2012 04:36:00 am

Hacker Steals 3.6 Million South Carolina Social Security Number & Also Exposed 387,000 Card Details

The year 2012 is going from bad to worse for the cyber space, as yet another big data breach happened which effected more than 4.7 million residents of South Carolina at risk of identity theft. Anyone who filed a South Carolina tax return in the past 14 years may have had their Social Security number stolen and has been urged by the state government to immediately enroll in consumer protection services. The U.S. Secret Service detected a security breach at the S.C. Department of Revenue on Oct. 10, but it took state officials 10 days to close the attacker’s access and another six days to inform the public that 3.6 million Social Security numbers had been compromised. The attack also exposed 387,000 credit and debit card numbers. The stolen data included other information people file with their tax returns such as names and addresses. Businesses’ taxpayer identification numbers also potentially have been comprised in the attack that is being described as one of the nation’s largest against a state agency. The hacker began accessing the Department of Revenue’s computer system in August, but wasn’t noticed by the Secret Service until October, giving him about two months to gather the data in what is one of the largest computer breaches in the US. Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data. Revenue director James Etter said none of the Social Security numbers were encrypted and about 16,000 credit card numbers were not encrypted.
“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” South Carolina Gov. Nikki Haley said during a news conference. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.” 
S.C. Inspector General Patrick Maley said nine agencies had been evaluated thus far, and some corrective action had been taken. There was no overarching security policy within state government, he said. No one at the Revenue Department or within the state’s information technology division has been disciplined over the latest attack.  
While this case of hacking was the largest in US history, it wasn’t the first. On March 30, 2012, officials in Utah discovered that one of their health department servers had been hacked. That time also a large number of Social Security numbers were stolen from the serverincluding those of children. Here we would like to give you reminder that in the last few months we have been a slew of attacks against the following sites: AdobeGuild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  NvidiaBlizzard and  Philips. And after this breach Adobe also enlisted its name among those who was fallen victim to cyber criminals in this year. For all the latest on cyber security and hacking related stories; stay tuned with VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Greater Manchester Police Fined £150,000 By ICO For Using Unencrypted USB Sticks

Posted by Avik Sarkar On 10/17/2012 05:13:00 pm

Greater Manchester Police Fined £150,000 By ICO For Using Unencrypted USB Sticks 

To fight against major security breaches, data loss, cyber theft, and many other cyber challenges, both Government and higher authorities are becoming as tight and strict as they can. While sitting at edge of cyber security, not even a single mistake or carelessness will be negotiated. So either you have to deliver your very best, or you have to penalty, exactly the same thing happened to Greater Manchester Police. Yesterday, I mean 16th of October The UK Information Commissioner's Office (ICO) in the UK recently fined the Greater Manchester Police £150,000 for a data breach. In their press release ICO said - Greater Manchester Police force is being fined for failing to take appropriate measures against the loss of personal data. The action was prompted by the theft of a memory stick containing sensitive personal data from an officer’s home. The device, which had no password protection, contained details of more than a thousand people with links to serious crime investigations. The ICO found that a number of officers across the force regularly used unencrypted memory sticks, which may also have been used to copy data from police computers to access away from the office. Despite a similar security breach in September 2010, the force had not put restrictions on downloading information, and staff were not sufficiently trained in data protection.
The findings prompted the Information Commissioner to use his powers under the Data Protection Act to impose a Civil Monetary Penalty of £150,000. Greater Manchester Police paid that penalty yesterday, taking advantage of a 20 per cent early payment discount (£120,000). 

David Smith, ICO Director of Data Protection, said: -“This was truly sensitive personal data, left in the hands of a burglar by poor data security. The consequences of this type of breach really do send a shiver down the spine. “It should have been obvious to the force that the type of information stored on its computers meant proper data security was needed. Instead, it has taken a serious data breach to prompt it into action.
“This is a substantial monetary penalty, reflecting the significant failings the force demonstrated. We hope it will discourage others from making the same data protection mistakes.” 
The monetary penalty is paid into the Treasury’s Consolidated Fund and is not kept by the Commissioner.   






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Hacker Stolen 300K Student Information From Florida College Computer

Posted by Avik Sarkar On 10/14/2012 06:25:00 pm

Hacker Stolen 300K Student Information From Florida College Computer 

While fighting against the rising amount of cyber threats, the cyber security domain is getting stronger and developed everyday. But till today its not as up-to dated as it should be, and that is why every day the news of security breaches are being spotted in the wild. In the last few months we have been a slew of attacks against the following sites: Guild Wars 2GamigoBlizzardYahooLinkedIneHarmonyFormspringAndroid ForumsGamigo,  NvidiaBlizzardPhilips and Adobe. And it was the turn for Florida Panhandle College. According to sources, a massive security breach hit the main system of Florida Panhandle college, which effected the records of more than 300,000 students, faculty & other employeesEducation officials said that the computer hackers accessed confidential information of staff and students in a massive security breach. A breach that at first involved employees at Northwest Florida State College was much larger than suspected and now potentially involves student records from across the state, state and college officials said. The Department of Education said hackers stole 200,000 records including names, Social Security numbers and birth dates for any student statewide who was eligible for Florida’s popular Bright Futures scholarships for the 2005-06 and 2006-07 school years. 

The hackers also stole more than 3,000 employee records, including some that contained confidential financial information. Some 76,000 records containing personal identification information from students who attended the college was also hacked. “We speculate this was a professional, coordinated attack by one or more hackers,” said Northwest Florida State College President, Ty Handy, in a memo that went out to employees in this week. According to Florida College System Chancellor Randy Hanna in a statement. “While some of the contact information is dated, we will be trying to reach every student whose records may have been captured.” Because of the scope of the breach, Federal Authorities have joined the local and state investigation that got under way last week, confirmed the authority.
The breach occurred sometime between late May and late September. College officials said in a news release that 50 employees to date have reported issues with identity theft, including the college president, faculty and staff. The information has been used to either obtain personal loans or to take out a Home Depot credit card. 


-Source (CBS)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search