Showing posts sorted by date for query social media. Sort by relevance Show all posts
Showing posts sorted by date for query social media. Sort by relevance Show all posts

VOGH Exclusive: URL Redirection Vulnerability Found In Facebook

Posted by Avik Sarkar On 1/02/2014 11:10:00 pm

VOGH Exclusive: URL Redirection Vulnerability Found In Facebook [The Vulnerability Still Active & Not Been Patched]
Facebook -the world's largest social networking site with registered users of more than one billion, is considered among one of the safest site of the cyber space. To maintain such reputation Facebook Inc has done all the required steps, that one could possibly take. Like other high profile and very popular websites, Facebook also stand as one of the hot target of almost every cyber criminals of the world. To get rid of this and make FB safe and secure, the company have introduced what it called 'Bug Bounty' offer; where you can submit vulnerabilities to FB and get rewarded. We have seen many security researchers and hackers across the globe has done this and get their award. But not every time, and today I will talk about that- few days ago a reader of VOGH, who also goes by the nick name of 'Dr41DeY' has figured out a URL redirection vulnerability in Facebook. One of the link in Facebook App which is apps.facebook.com is posing URL redirection vulnerability. The hacker has demonstrated how any one can use  the vulnerability  in order to manipulate millions of innocent Facebook users. Let see  

Before publishing this, one of our VOGH representative have talked with Facebook Security regarding this security vulnerability, but due to some reason FB might overlooked this issue. Finally after waiting for almost a week, we the Team VOGH decided to bring this in-front of our reader. Let briefly go through with the vulnerable link- 

https://apps.facebook.com/a.php?u=http://www.voiceofgreyhat.com&mac=AQLy7nyXi5NBt31j&__tn__=*B&eid=AQLpbizR7KEf3cyD0VTN7fNtv99fMZABDp2gdWhvL-MQocJIPy3w4hUG7_7hrmSMqDq7QLCI9k_0LbB95NEz_6GUDHGNgTDsGP_rX-VWRHxfg5a--VlnN1K9FdG3NAek8r2JPWENkb2Mu56EckbZCGXcPie27OnHxE-H7MBufQel0Pr-ZjpCWB6QF5xHeWsdKqyHzjK2woBGGrjk9Dlgnzcw3d9ZWPzrwbGpm6MSkpks3mqEphXnTP2Vd9UDQxIs68NnTaO35XIwKq5t3CSdb11iU_34gzjfLgvvDo_BYbgtrGe0Juc5CpRSwd5nImw9oPPvn6Za9rrxO_ivROtOGc2b2S3bYzNLWpbDwt3cFN2rJ3JElyIR0vjB4R859PpE9SrZx6AD3s_liikzPh30YLVb8XvPABk7r9MShk6OrVFPiAWZnEvPx49UzPDSF-nEl188rEPAi0KGJ4u1zb10hhzmHUCjH04SezDByUkyNituMb2lgiQz-Xlpgy_tkVYR-U7plDa38N9VzdAj_Bwefd7B85ykZCAy9ZQOt48Ql8KQeKfivk3sThZIkLwWPiju7R28Sw6bj09vS_Y28kFSqanGe9tYAPfKIe4zOzQt9-Q1CC_EwX3ypOlyQ2yXMiU3lwp7M9EriKHRFDsTgsuzzF-uvlpx3UrWh8M55-NX0ULjr4kxjAR5g_1wU-luUyn_Ot6Ly1_ZbBdahyb5uSmCDNvF5kMuIH8Gxvpql45dNffGzKau9oZGn6r1OmsG47JIGipznCVaZnWjXAakDnEMX6X8ZtI-M-db1olzbBpJdj5sZe-x2VM02S5XsXJWe_QLxFDOupjbz8I82HETHQ9PbzSIMsJboll4E3-f_JQFfdzwEguLa8SC_ImRahWBCwKNJeSlmRv91FqWpQaChe5-UyAoqcblvK4jPuRO3qC7o-qMTQ2jEJqqUW46koulOmgNJpMYXPgRxjNGcwjyTPS59Nr08zq6eCNd1aYLh2E4s5MYXBtVUTF8l0uhQ2wYSoR66xZsI2tK0DD1KiQHyTO1QieBwPtCN3eWgRzUTg3lM3ttkuwYKRPPLDvtUOPWmZhYUzUFcbfPM2kXdpqyGlrGx9-ErKGygYKATx2xzrTzktjgW4q0L5wfO3CSKAOCAoKfi_pfz-zIHSNE8ZAjZDtpbC_chgkvbHWJYYIs7pnE1riWJYORACjkkRr6nZoivC3z_g-8JBahghwy2C34kJYZJ6cBC8LKoB6KCTbj_F1tArQAzcSUij4vrJNUATzsdlO_ol6HwUQb8FjoWa38Bhtx81stxB328sgC9IGu1omPG0QeNJVhcJwh6HyEwtgycBLrlcdedaWbkwvnjv3F3BWuJIi763nBeYuAgNUaEUYHaXu_ZJzXW8fQ72nz_hddGT_GH50&sig=89099

Replace voiceofgreyhat.com with any of your favorite site, and the the said vulnerability will allow you to get redirected to that very website you want to from Facebook. This loophole is still active, and any one can test that with the above url, we thought the impact of this loophole is very serious, as any malicious attacker can misuse the trust-hod of Facebook's url in order to harm regular internet users, while redirecting them to any junk or malfunctional websites.

Disclaimer:- Earlier I told that the issue has already brought into the notice of Facebook Security, but they overlooked the whole issue, so being a responsible cyber media, we VOGH are disclosing this to people. If any one misuse this vulnerability, then Voiceofgreyhat will not at all be responsible for any kind of mishap.

Update:- May be doing more that what we call late repent, but finally the above disclosed vulnerability has been patched by Facebook security team. 


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

A Man From India Jailed For Posting "Communal & Inflammatory" Post on Facebook (#Censorship)

Posted by Avik Sarkar On 2/06/2013 07:12:00 pm

A Man From India Jailed For Posting "Communal & Inflammatory" Post on Facebook (#Censorship) 
Freedom of social media in India has been revoked, as the Indian govt has implemented several policy by which they made the social network completely censored. Though this step has been criticized randomly but the decisions has remain unchanged. And the result is in front of us; when a man from Agra get busted. The incident occurs immediately after he made a posts on social networking site Facebook targeting Prime Minister Manmohan Singh, union Communications Minister Kapil Sibal and Uttar Pradesh's ruling Samajwadi Party (SP) chief Mulayam Singh Yadav. According to police the post which the man from Agra made violated the policy of Indian govt and that's why it is taken as "communal and inflammatory." the man named Sanjay Chowdhary, a resident of the Dayalbagh suburb of Agra, was arrested late Monday and his laptop, sim card and data card impounded.
Police in Agra, about 360 km from here, said the arrest, which some see as an attempt to muzzle freedom of speech and expression on social networking sites, that the arrest was made on "specific information" about certain "communal and inflammatory" posts by Chowdhary. However, officials here admitted that the "case became hypersensitive after some remarks were made on the SP chief".
Senior Superintendent of Police (SSP) Agra, Subhash Chandra Dubey said police had acted "purely on law and order basis" in the matter.
"We are not involved in the political angle of the whole issue, our concern were the inflammatory comments and posts on the Facebook wall of this man and we acted to prevent any communal flare up," Dubey told the media. Some officials, however, said the case was "fast tracked" once cartoons lampooning the three leaders were posted on his Facebook wall.
Soon after his arrest, the inflammatory posts were deleted from his Facebook profile and later his account was deactivated. Chowdhury, a civil engineer and chairman of a public school, was booked under sections 153 A of the Indian Penal Code (IPC) and 66 A of the Information Technology (IT) Act.
"We have arrested him and he is being sent to jail under the due process of law," a police official said.



-Source (Yahoo News)





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Twitter Hacked, More Than 250,000 User Data Compromised

Posted by Avik Sarkar On 2/03/2013 01:55:00 am

Twitter Hacked, More Than 250,000 User Data Compromised

The social networking giant and the world famous micro blogging site Twitter again fallen victim of cyber attack. Last year we have seen that the tight security system if twitter have been compromised many times. Yet again in this year the San Francisco based social media giant who have more than 500 million registered users failed to protect them selves from hackers. On last Friday Twitter acknowledged that it had become the latest victim in a number of cyber-attacks against media companies, saying hackers may have gained access to information on 250,000 of its more than 200 million active users. The micro blogging giant said in a blog posting that earlier this week it detected attempts to gain access to its user data. It shut down one attack moments after it was detected. According to reports usernames, email addresses, session tokens and encrypted/salted passwords for 250,000 users might have been accessed in what it described as a “sophisticated attack” 

"This attack was not the work of amateurs, and we do not believe it was an isolated incident,” said Bob Lord, Twitter’s director of information security. “The attackers were extremely sophisticated, and we believe other companies and organisations have also been recently similarly attacked” Bob added. 

Jim Prosser, a Twitter spokesman, would not say how hackers infiltrated Twitter’s systems, but Twitter’s blog post said hackers had broken in through a well-publicized vulnerability in Oracle’s Java software. Last month, after a security researcher exposed a serious vulnerability in the software, though Oracle patched the security hole, but Homeland Security said the fix was not sufficient. The DHS issued a rare alert that warned users to disable Java on their computers. Prosser said Twitter was working with government and federal law enforcement to track down the source of the attacks. For now, he said the company had reset passwords for, and notified, every compromised user. The company encouraged users to practice good password hygiene, which typically means coming up with different passwords for different sites, and using long passwords that cannot be found in the dictionary.
Twitter said it “hashed” passwords — which involves mashing up users’ passwords with a mathematical algorithm — and “salted” those, meaning it appended random digits to the end of each hashed password to make it more difficult, but not impossible, for hackers to crack. Once cracked, passwords can be valuable on auction-like black market sites where a single password can fetch $20.

While talking about Twitter and cyber issues, I would like to remind you that in last year twitter faced several cyber attacks where more than 55,000 twitter account details was leaked, after this issue in the middle of last year the social networking giant faced massive denial of service which interrupted its services. Later a huge number of Twitter users across the globe received  emails warning that their account have been compromised and their passwords had been reset, and it was another security breach which affected twitter. Such big organization are not at all careless about security, so as twitter and it has been proved when they hired renowned white hat hacker Charlie Miller to boost up their security, but after this current massacre, it seems that twitter need to think more and emphasize a lot to make sure that their system is good enough to prevent cyber attacks. For all the hot cyber updates and reviews stay tuned with VOGH.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Help! I Think My Child Might Be a Cyberbully (Special Article)

Posted by Avik Sarkar On 12/08/2012 05:57:00 pm

Help! I Think My Child Might Be a Cyberbully (Special Article)

Our society grows more and more connected. We have smart phones, computers, tablets, social media sites and other tools constantly creating new connections between people. This is generally a good thing, but there is a negative side to this enhanced communication—cyberbullying. Although bullying in the playground or classroom has been around since we started putting kids in schools, cyberbullying brings a new aspect to bullying. It is more difficult to stop because, in many cases, the bully is anonymous.

Cyberbullying Can Lead to Suicide

Cyberbullying is using the internet, cell phones or other devices to post pictures, text, videos or other information intended to hurt or embarrass another person. According to the National Crime Prevention Association, cyberbullying affects almost half of all American teens. Although many feel cyberbullying is not a big deal, the consequences can be severe. As evidenced by the amount of suicides—particularly of gay teens—in the last few years, cyberbullying can have a devastating effect on the victim and their family. Because of the nature of cyberbullying, it is difficult to tell if your child is involved—either as a victim or an aggressor.

Prevent Your Child From Becoming a Cyberbully

There are some simple ways to prevent your child from becoming a cyberbully. Be a model for them. Don’t use abusive language when referencing workmates, other parents or kids. Make sure the language you use around your child does not lead them to believe it is alright for them to use abusive language. Children look to their parents as guides for how to operate in the world. Make sure, as a guide, you're pleasant, kind and non-aggressive.
Keep an eye on your child’s social networking profile. See if they are getting involved in harassing other children. This could be a precursor to them becoming the primary bully themselves. If you do find evidence they are harassing others, do not let it stand. Talk to them about it. Explain the better, healthier ways to deal with their aggression or anger towards their friends and classmates. Make sure they understand that harassment is not an acceptable type of behavior. There are ways to assure your child's social network site can't be hacked.

Keep Your Child's Social Network From Being Hacked

Cyberbullying is not exclusive to hateful or aggressive comments or messages. Many kids have their social networking site hacked, and the hacker shares embarrassing information or posts things the actual user would not post. There is software to track the sites that have been accessed on your computer and that can help you to protect your child against identity theft. Utilize the tools available to make sure your child has not stolen another kid’s identity.
The best way to stop cyberbullying is to prevent your child from ever becoming one in the first place. Have open conversations about bullying and its effects on others. Show through example the best way to solve problems is not through threats and anger but through calm and reasoned action.



Special Article By 
Jennifer Stone
Guest Editor VOGH



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Security Breach: Twitter Unintentionally Resets More Passwords Than Accounts Hacked

Posted by Avik Sarkar On 11/10/2012 12:57:00 am

Security Breach: Twitter Unintentionally Resets More Passwords Than Accounts Hacked

Yet again the famous micro blogging site Twitter faced security challenge. Tuesday a huge number of Twitter users across the globe received  emails warning that their account may have been compromised and their passwords had been reset as a precautionary measure to prevent unauthorized access. In the e-mail, the microblogging company noted: "Twitter believes that your account may have been compromised by a Web site or service not associated with Twitter. We've reset your password to prevent others from accessing your account."

It remains unclear how many have been affected by the password reset e-mail or what's caused the mass e-mailing of its users. A post by TweetSmarter on Wednesday noted that in some cases when "large numbers of Twitter accounts have been hijacked," the company sends out these e-mails en masse, even sending messages to accounts that may not have been affected by any hack or hijack to err on the side of caution. The emails are apparently legitimate, though they were sent to more than victims of compromised accounts. The mass email coincided with incidents involving several high-profile accounts, including at least one account belonging to the BBC. Other media organisations, such as the TechCrunch blog, reported being warned. 
"We’re committed to keeping Twitter a safe and open community," reads a notice the company issued earlier Thursday. "As part of that commitment, in instances when we believe an account may have been compromised, we reset the password and send an email letting the account owner know this has happened along with information about creating a new password. This is a routine part of our processes to protect our users. "In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised. We apologize for any inconvenience or confusion this may have caused."
Twitter officials have not disclosed how many uncompromised accounts had passwords reset, nor any more on the attack that led to those actions. The social media site currently has 140 million active usersSome victims reported having select tweets deleted, while others started sending out spam.

-Source (CNET)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

McAfee Reveals Emma Watson as 2012’s Most Dangerous Cyber Celebrity & For India its Sunny Leone

Posted by Avik Sarkar On 11/09/2012 04:30:00 am

McAfee Reveals Emma Watson as 2012’s Most Dangerous Cyber Celebrity & For India its Sunny Leone

In a research security software company McAfee figure out Sunny Leone as the most dangerous celebrity in the Indian cyber space for this year, followed by Katrina Kaif and Kareena Kapoor. For the sixth year in a row, McAfee researched popular culture’s most famous people to reveal riskiest celebrity sportsmen, actors and politicians across the Web to reveal the 2012 rendition of ‘Most Dangerous Celebrity’ research. In the India ranking this year, Sunny Leone displaced Katrina Kaif, who owned this title in the 2011 edition of this annual research. Lubna Markar, Sr. Marketing Manager India and South Asia, McAfee, said, “Cyber criminals continue to leverage top celebrities to lure people to websites with malicious software. This year too, we saw cyber crooks leveraging Bollywood stars whereby the maximum number of malicious software laden sites pertained to Sunny Leone. This testifies her top position as the most dangerous celebrity in Indian cyberspace in 2012.” 
The study for ‘Most Dangerous Celebrity’ used the McAfee SiteAdvisor site rating which indicates the sites that are risky to search for celebrity names on the Web and calculate an overall risk percentage. The top 10 celebrities in India from this year’s study with the highest risk percentages are: 

  1. Sunny Leone: This sexy Canadian model/actress who made headlines with her presence in the celebrity reality show BigBoss, ranks first with 9.95% chances of luring people into clicking on malicious links.
  2. Katrina Kaif: India’s ‘chikni chameli’ was the most dangerous Indian celebrity of 2011, but has slipped down to the 2nd position this year with a risk percentile of 8.25%.
  3. Kareena Kapoor: The 3rd Most Dangerous Celebrity and winner of six film fare awards has a 6.67% possibility of making users fall into a trap of malware laden Web sites.
  4. Priyanka Chopra: This former Miss World who has been the reigning queen of Bollywood occupies the 4th position on the Most Dangerous Celebrities list with a risk percentile of 6.5%.
  5. Bipasha Basu: With Raaz 3, this Bengali bombshell has moved up the ranking from 8th in 2011 to the 5th position in 2012. She has a 5.58% percentile of leading users to a malicious site.
  6. Vidya Balan: After her ‘Dirty Picture’, Vidya Balan has a 5.33 % chance of leading users to malicious sites. The versatile Indian actress has marked her presence even in the cyber space.
  7. Deepika Padukone: This sultry actress of ‘Cocktail’ fame, was the 2nd most dangerous celebrity in the year 2011, but has plummeted to 7th position this year, with a 4.92% chance of being led to a malicious Web site.
  8. Salman Khan: One of the most sought after stars in Bollywood, Salman Khan has redefined the trends of the Hindi film industry with his roles in movies such as Dabangg and Ek Tha Tiger. With a risk percentile of 4.83%, he is on the eighth position in our Most Dangerous Celebrities ranking.
  9. Aishwarya Rai Bachchan: Touted as ‘the most beautiful woman in the world’, Aishwarya Rai Bachchan, is the ninth most dangerous celebrity in India with a risk percentile of 4.58%.
  10. Poonam Pandey: The Kingfisher calendar girl who was also amongst the top 8 contestants in ‘Gladrags 2010′, has a risk percentile of 4.25% and is the tenth most dangerous celebrity.


If you go thorugh the report of McAfee's 2012’s Most Dangerous Cyber Celebrity then you will come to know that Emma Watson has replaced Heidi Klum as McAfee's 2012 most dangerous celebrity to search for online. For the sixth times in a row, McAfee researched popular culture’s most famous people to reveal the riskiest Hollywood actors, athletes, musicians, politicians, designers, and comedians on the Web.  The McAfee Most Dangerous Celebrities™ study found that women are more dangerous than men with Jessica Biel taking the number two spot and Eva Mendes coming in third. Latina women have proven that they are on fire and make up five of the top ten spots. After Mendes, Selena Gomez, Shakira and Salma Hayek take the fourth, seventh and ninth spot and Sofia Vergara rounds out the top 10 list. Funnyman Jimmy Kimmel is the only male to make the top 20 list this year. 

The top 10 celebrities from this year’s study with the highest percentages of risk are:-

  1. Emma Watson – Best known for her role as Hermione Granger in the “Harry Potter” franchise, the British actress tops the list as the 2012 Most Dangerous Celebrity. Watson continues to star in feature films including “My Week with Marilyn” and “The Perks of Being a Wallflower” and is an ambassador for Lancôme.
  2. Jessica Biel – The 2009 Most Dangerous Celebrity rose two spots this year from coming in at number 4 in 2011. Biel continues to be in the spotlight with fiancée Justin Timberlake and her role in 2012’s “Total Recall.”
  3. Eva Mendes – A new addition to the list,Mendes has starred in films including “2 Fast 2 Furious” and “Hitch.” She is currently in the news for her fling with Ryan Gosling.
  4. Selena Gomez – The tween musician and actress is best known for her role as Alex Russo on Disney’s “Wizards of Waverly Place” and for dating teen heartthrob Justin Bieber. She has been cast in the upcoming film “Parental Guidance Suggested” and was recently named one of Forbes’ Top 10 Best Social Media Superstars.
  5. Halle Berry – The Academy Award winning actress is famous for her stand out roles in action and horror films including “Catwoman” and “Gothika”. Berry is in the spotlight for her custody battle with baby daddy Gabriel Aubry.
  6. Megan Fox – The sexy actress rose 9 spots compared to her number 15 spot last year. She is currently in the news for her pregnancy with husband Brian Austin Green and will be seen in the upcoming film “This is 40”.
  7. Shakira – The belly-dancing singer/songwriter best known for her songs “Hips Don’t Lie” and “Whenever, Wherever” comes in at number 7. She was recently named one of Forbes’ World’s Most Powerful Women and was ranked number 6 on Forbes’ Top 10 Best Social Media Superstars.
  8. Cameron Diaz – 2010’s Most Dangerous Celebrity fell to eighth place, with searches resulting in slightly fewer risky sites this year. She was most recently in the spotlight for allegedly dating Alex Rodriguez. She is rumored to star in “Expendables 3.”
  9. Salma Hayek – The actress, producer and director received an Academy Award for her role as Frida Kahlo in “Frida” and recently starred in “Savages.” She is currently in the news for her controversial remarks about her Mexican heritage in a Vogue interview. She is married to billionaire François-Henri Pinault.
  10. Sofia Vergara – The Columbian actress and model best known for her comedic role as Gloria Delgado-Pritchett on ABC’s Emmy Award winning “Modern Family” rounds out the top 10 list. She also starred in the “The Three Stooges” film this year and was recently named one of Forbes’ World’s Most Powerful Women and highest paid TV actress. She recently announced her engagement to businessman Nick Loeb.



For more information about this topic click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

American Actress & Model Lindsay Lohan's Twitter Account Hacked

Posted by Avik Sarkar On 11/02/2012 03:29:00 am

American Actress & Model Lindsay Lohan's Twitter Account Hacked

Now a days hacking of celebrities, singer, Media, high profile personalities' twitter has became a natural phenomena. Here again another twitter hacking, also known as #twithackery occurs. After John Cena, Justin BieberTeyana Taylor,American pop singer Keshanow it was time for popular  American actress, fashion designer, model and recording artist Lindsay Morgan Lohan. A fake tweet was posted to the 26-year-old star's feed on the social-media site, leaving all of Lohan's 4.5 million followers a bit confused. According to sources Lindsay Lohan’s Twitter account was hacked on Tuesday with the tweet, 
“How does Hitler tie his shoes?” including a link to the answer on @oatmeal's blog. 
As soon as this tweet was spotted on the wild, immediate step has been taken from the side of Lindsay Lohan, and as expected that fake tweet has been deleted. So far the actress hasn’t expressed much concern for this slight security breach. 


But after regaining access on the twitter page Lindsay Lohan confirmed that her page indeed hacked while tweeting "my twitter was hacked, please ignore the last tweet."  as shown on the above picture. While talking  Lindsay Lohan twitter hacking, we also want to include the name of those celebrities  who have fallen victim to these nonstop #twithackery : NBC NewsFox News PoliticsUSAToday, Lady Gaga’s Twitter AccountAnders Breivik’s twitterMahesh Bhatt, Huffington Post & many more. 











SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

DHS & Public Safety Canada Started Joint Cybersecurity Action Plan

Posted by Avik Sarkar On 10/31/2012 06:08:00 am

DHS Public Safety Canada Started Joint Cybersecurity Action Plan

A joint venture Cyber Security plan has been announced by US Department of Homeland Security and Canada. According to the official website of Public Safety Canada - PS Canada along with the Department of Homeland Security (DHS) are pursuing a coordinated approach to enhance the resiliency of our cyber infrastructure. The Cybersecurity Action Plan (the Action Plan) between PS and DHS seeks to enhance the cybersecurity of our nations through increased integration of PS' and DHS' respective national cybersecurity activities and improved collaboration with the private sector. This Action Plan represents just one of many important efforts between Canada and the United States to deepen our already strong bilateral cybersecurity cooperation.
As the Internet knows no borders, all countries have a responsibility to prevent, respond to, and recover from cyber disruptions and to make cyberspace safer for all citizens across the globe. Due to a shared physical border, Canada and the United States have an additional mutual interest in partnering to protect our shared infrastructure. This Action Plan aims to articulate a shared approach to fulfill PS' and DHS' vision of working together to defend and protect our use of cyberspace and to strengthen the resiliency of our nations. These efforts, combined, advance the objectives articulated by President Obama and Prime Minister Harper in the February 2011 declaration, Beyond the Border: A Vision for Perimeter Security and Economic Competitiveness.
This Action Plan outlines three goals for improved engagement, collaboration, and information sharing at the operational and strategic levels, with the private sector, and in public awareness activities, for activities conducted by PS and DHS. The Action Plan establishes lines of communication and areas for collaborative work critical to enhancing the cybersecurity preparedness of both nations. The Action Plan's goals and objectives are to be conducted in accordance with the June 2012 Statement of Privacy Principles by the United States and Canada. This Action Plan is intended to remain a living document to be reviewed on a regular basis and updated as needed to support new requirements that align to the Plan's key goals and objectives. It intends to support and inform current and future efforts to advance the goals of Beyond the Border, which ultimately seeks to enhance broad bilateral cooperation on cybersecurity efforts across both governments.

Goals and Objectives:-

1. Enhanced Cyber Incident Management Collaboration between National Cybersecurity Operations Centers

PS' Canadian Cyber Incident Response Centre intends to work jointly with DHS' United States Computer Emergency Readiness Team and Industrial Control Systems Cyber Emergency Response Team towards the following objectives:
  • 1.1 Increase real-time collaboration between analysts by improving existing channels for remote communication and arranging in-person visits;
  • 1.2 Enhance information sharing at all classification levels and collaborate on training opportunities, while promoting inter-agency coordination, as appropriate, as well as the proper protections for information, as outlined in the Statement of Privacy Principles;
  • 1.3 Coordinate on cybersecurity incident response management, relating to defense, mitigation, and remediation activities and products, including with other public and private entities consistent with each country's laws and policies;
  • 1.4 Align and standardize cyber incident management processes and escalation procedures; and
  • 1.5 Enhance technical and operational information sharing in the area of industrial control systems security.

2. Joint Engagement and Information Sharing with the Private Sector on Cybersecurity

Due to the shared nature of critical infrastructure between Canada and the United States, PS and DHS intend to collaborate on cybersecurity-focused private-sector engagement for cybersecurity activities for which they are responsible through the following objectives:
  • 2.1 Share engagement approaches for private sector;
  • 2.2 Exchange and collaborate on the development of briefing materials for the private sector;
  • 2.3 Jointly conduct private sector briefings;
  • 2.4 Review approaches and align processes for private sector engagement through requests for technical assistance and non-disclosure agreements; and
  • 2.5 Standardize protocols for sharing information.

3. Continued Cooperation on Ongoing Cybersecurity Public Awareness Efforts

Cybersecurity is a shared responsibility and everyone, including our citizens, has a role to play. With increased media attention devoted to cybersecurity incidents and with the continuing growth of electronic commerce and social media, it is imperative that citizens receive clear and trustworthy information on how to manage cyber threats to themselves and their families. Ensuring that government's cybersecurity awareness messages are consistent across our border helps to deliver that information effectively and consistently. PS Communications, the DHS Office of Public Affairs, and the National Protection and Program Directorate's Office of Cybersecurity and Communications (CS&C) intend to continue to work together as they:
  • 3.1 Collaborate on public awareness campaigns (websites, social media activities, education material, etc.);
  • 3.2 Collaborate on Cybersecurity Awareness Month (October); and
  • 3.3 Share and coordinate messaging on issues of common interest.

Governance of the Joint Action Plan:-

Senior officials within PS and CS&C intend to review and provide additional guidance in order to update this Action Plan on a quarterly basis. This Action Plan is intended to be a part of broader inter-governmental coordination across government agencies in both the United States and Canada.


To Download The Full Cybersecurity Action Plan Between Public Safety Canada and the Department of Homeland Security Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NASSCOM-Data Security Council of India Announces Annual Information Security Summit 2012

Posted by Avik Sarkar On 10/28/2012 04:38:00 am

NASSCOM-Data Security Council of India Announces Annual Information Security Summit 2012

NASSCOM-Data Security Council of India (DSCI) announced that the Annual Information Security Summit 2012 will be held on 11-12 December at Taj Lands End, Mumbai. The NASSCOM-DSCI Annual Information Security Summit this year will focus on the national cyber security elements- Framework, Machinery, Responsibility & Operations for all the critical information sectors like power, energy and finance where deliberation will take place on operating technologies like smart grid and industrial control system; the security and privacy imperatives of eCommerce, mCommerce and eGovernance application and platforms. The Summit will provide an opportunity to have focused discussions with government leaders along with global experts who will talk about the security ramifications at the global level. Special features such as celebrating the success of women leaders in the field of security, Workshop on IT Act and release of DSCI assessment frameworks will also be part of the annual summit. The addition of DSCIExcellence Awards 2012 to Corporate and LEAs this year along with Annual summit will truly make this as a platform where India Meets for Security. 

Who Should Attend:-

Organizations:
  • User Organization – Banks, Finance, Telecom, Manufacturing, Energy
  • Government & PSUs
  • Technology & Service Providers
  • Security Product/ Services Companies
  • Academia
Individuals:
  • Business Leaders
  • IT Leadership
  • Security & Privacy Leadership
  • Security Professionals
  • Security Implementer | Administrator | Officer

Participation benefits:
  • Learn about new challenges, threats and vulnerabilities
  • Gain Strategic direction & practical guidance
  • Explore new approaches, practices, technologies and services
  • Discover market developments and get a feel of technology products
  • Discuss on public policies for cyber security and privacy
  • Interact with national, government and global leadership
Agenda:- 
 
Tentative Agenda Topics for Annual Information Security Summit’12 : Day 1
Time
Session
0930 to 1015
Inaugural + Key Note
1015 to 1115
National Imperatives of Securing Operational Technologies … Smart Grids, Oil & Gas, & Public Utilities
1115 to 1140
Tea Break
1140 to 1200
Platinum Session 1 by Verizon
1200 to 1250
Protecting Key Economic Assets, Securing Financial Backbone
…. Stock Exchange, Payment Infrastructures & Financial Switches
1250 to 1310
Platinum Session 2 by TCG
1310 to 1415
Lunch Break
1415 to 1430
Special feature
1430 to 1520
Architecting Security for New Age Banking
… Business Models, Technology Transformations & Channel Revolutions in the midst of Organized, Focused, Advanced & Persistent Cyber Threats
1520 to 1540
Special feature by HP
1540 to 1640
Revolution named Clobile, Nightmare for Security? … Enterprise Mobility, Mobile Apps and Cloud Enablement Data driven Businesses
1640 to 1700
Tea Break
1700 to 1800
Data driven Businesses – Data reason for Empowerment and Concern
… Big Data, Context Computing & Social Media Computing
1800 to 1900
Networking and Exhibition
1900 to 2030
DSCI Excellence Awards 2012
  • Corporate
  • Law Enforcement
2030 Onwards
Cocktail Dinner
Day 2
Time
Session
0930 to 1030
Cyber Security, from National Responsibility to Global Accountability
… Cyber diplomacy, converging national and international interests
1030 to 1100
Special Feature by CISCO
1100 to 1130
Tea Break
1130 to 1230
Securing Technology Transformation of Governance … eGovernance projects, Security Challenges & Solutions
1230 to 1315
Rendezvous with Women Security Leaders: Special Interaction …. Security, Challenges and Opportunities for Women
1315 to 1415
Lunch Break
1415 to 1515
Security Enablement of Growing Electronic & Mobile Commerce
… Rising Volume & Growth of Commerce, Security as Enabler
1515 to 1600
Securing core, edge, access & connect: reappearance of network on agenda of security
… Finding the role of network security: Infrastructure Core, Hyer-extensive organizations, Access complexities, Mobility & External exposures
1600 to 1630
Tea Break
1630 to 1730
Consumer Behaviors and Business Responsibilities In the Information Age … Responsible Behaviors, Fair Business Practices & Enabling Technologies

To Get Yourself Registrar For the Event Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime

Posted by Avik Sarkar On 10/27/2012 02:49:00 am

Facebook Donates $250,000 to University of Alabama at CIA|JFR to Fight Against Cybercrime 

All of us, who are associated or directly involved in this cyber domain know very well that its almost impossible to stand against the rising cyber crime & cyber criminals. Then the very first question will arise and that is, what is the solution? The answer will be tie-up collaboration, unity in diversity. That means if we stand together and help each other, then definitely we can control cyber crime, not only that but also we can have a safe and secure cyber space. While talking about co-operation and collaboration then a live instance is here for you. It is your favorite social network, Facebook who stand against cyber criminals and donate $250,000 to help fight cyber crime. According to UAB NewsThe Center for Information Assurance and Joint Forensics Research at the University of Alabama at Birmingham has received a $250,000 donation from Facebook in recognition of the center’s role in tracking international criminals behind social-media botnet Koobface as well as other spammers. The donation, which comes from money Facebook has recovered from spammers located around the world, will be used to expand the new CIA|JFR headquarters. 
“As a result of numerous collaborations over the years, Facebook recognizes the center as both a partner in fighting Internet abuse, and as a critical player in developing future experts who will become dedicated cybersecurity professionals,” says Joe Sullivan, chief security officer at Facebook. “The center has earned this gift for their successes in fighting cybercrime and because of the need for formal cybersecurity education to better secure everyone’s data across the world.”  
Here we want to remind our readers that 'Koobface' was the most dangerous malware ever made to infiltrate Facebook made by few Russian hacker. The hackers, known as the Koobface gang, sent Facebook users attractive invitations to watch a funny or sexy video. When the unsuspecting users clicked the link, the message appeared saying that their computer’s Flash software needed updating. The “update” was in fact malware that hijacked the user’s clicks and delivered them to advertisers, making the hackers money -to the tune of over $2 million annually. According to Kaspersky Labs the network of infected computers included between 400,000 and 800,000 PC. Earlier in this year the entire Koobface gang was exposed and the C&C server of Koobface has been stopped prenatally by few German Researchers. 

With this story here we, the entire VOGH Team would like to congratulate the team at the University of Alabama at Birmingham on the donation from Facebook. More power to them and similar experts around the world, helping investigate cybercrime and making the online world a safer place! 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search