Australia Joined 38 Other Nations as Part of an International Cybercrime Treaty

Australia Joined 38 Other Nations as Part of an International Cybercrime Treaty

Sitting at the edge of the latest technology, today we can easily separate our world into two parts. One is the real world where we live and another is the virtual or cyber world, in which we all are tightly attached. As these two fields are the prime factor where we have to stay happily so the matter of safety, security is highly required on the both said areas. Being one of the leading cyber media, our main concern is the cyber domain,  so we are worried as well are responsible and committed to server our readers. In this period of time many of us feel terrified to engage themselves in the cyber space due to lack of security and privacy, and also keeping in mind the major disaster done by cyber criminals. But how long? To get rid of that not only we the media people but also the sincere government of several countries make themselves committed to prepare a safe cyber world for the people. Earlier we have seen several developed countries came under a shade, in order to make an united shield to protect this cyber domain and its people. Today that shield got a new member. Yes it is Australia who has now formally joined 38 other nations as a party to the world's first international treaty on crimes committed via the internet. This deceleration came from the Attorney-General Mark Dreyfus. In his speech he said "Australia becoming a party to the Council of Europe Convention on Cybercrime will help combat criminal offences relating to forgery, fraud, child pornography, and infringement of copyright and intellectual property" 

By joining the Convention, Australian law enforcement agencies will be able to rapidly obtain data about communications relevant to cybercrimes from partner agencies around the world. With the Convention now in effect, Australia's investigative agencies are able to use new powers contained in the Cybercrime Legislation Amendment Act 2012 to work with cybercrime investigators around the globe. The Act amended certain Commonwealth cybercrime offences and enabled domestic agencies to access and share information relating to international investigations. Dreyfus says the Act also created new privacy protections, safeguards and reporting requirements for the exercise of new and existing powers.
"A warrant is always required to access the content of a communication whether the information is in Australia, or accessed from overseas under the Cybercrime Convention. The Cybercrime Act and the Cybercrime Convention do not impact in any way on the need to have a warrant to access content from a telephone call, SMS or e-mail." -Dreyfus said in his statement.

-Source (ZDNet)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Australia Joined 38 Other Nations as Part of an International Cybercrime Treaty"https://www.voiceofgreyhat.com/2013/03/Australia-Joined-International-Cybercrime-Treaty.html</a>

Evernote Security Breached! Causing 50 Million Passwords Reset

Evernote Security Breached! Causing 50 Million Passwords Reset

World famous online information storage firm Evernote, allows millions of people to store and organised personal data on an external server from cross-platform have fallen victim to latest round of cyber attacks where hackers had managed to breach the company network which results a massive data breach effecting more than 50 million of its registered users. The breach on Evernote follows malicious activity at Twitter, NBC, New York Times, Facebook and others in recent weeks. In their blog release the firm has acknowledged the incident while saying "Evernote’s Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service." But the matter of relief for the millions of its users are that, whether the hackers have gained access inside Evernote user information, which includes usernames, email addresses associated with Evernote accounts, but due to salted encryption; hackers fail to gain decrypt those  credentials. But to avoid further massacre Evernote did password reset of all it's registered users. Phil Libin, Evernote’s CEO and founder, told press that the services are running, although if you try to access the site things may not work as normal at the moment: “We just pushed out a password reset, so the servers are going to be saturated for a bit,” he wrote. “Everything is up, although response is choppy. There’s no threat to user data that we’re aware of” -said Phil. Evernote also claimed that also have no evidence of any payment information for Evernote Premium or Evernote Business customers was accessed during the hack. 

The security response team of Evernote apologized for the annoyance of having to change your password, but, ultimately, they believed that; this simple step will result in a more secure Evernote experience.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Evernote Security Breached! Causing 50 Million Passwords Reset"https://www.voiceofgreyhat.com/2013/03/Evernote-Security-Breached.html</a>

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers 

We all are very much familiar of hearing the story of cyber espionage and cyber attacks originated from China by Chinese hackers. Where many countries across the globe have fallen victim like U.S. India, Japan, South Korea, many European countries and many more. But today a complete reverse story came under light where the Chinese government are claiming that several top secrete government sites like defense, army, military were targeted and hit by hackers from United States. According to some classified sources it came that Chinese government websites are routinely hacked from IP addresses originating within the United States. In a news conference, spokesman of Defense Ministry of China; Mr. Geng Yansheng said that - more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to Chinese defense ministry a close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.

"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities. 

In the last month China was blamed for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSA. Also in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

After keeping in mind all the above facts, we can not conclude the matter very easily, but what we can say that, whether China is responsible or not is neither been proved so far. In spite of looking at the situation we can only say, the entire matter is foggy; where the original truth has either been manipulated or been still untold. But it is sure that those untold or manipulated issues will some day came in front, till that time we have to keep patience and don't forget to stay tuned with VOGH for all kind of cyber related topics and expert reviews.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers"https://www.voiceofgreyhat.com/2013/03/Chinese-defnese-attacked-by-us-hackers.html</a>

Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked

Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked

Last week we covered the hack of several Yamaha motor's official website, where a newly formed hacker group named 'Dark Snipper' took responsibility of that attack. Yet again that group strikes while setting a new target and that is the official website of famous Indian actor Shahrukh Khan's fan. Shahrukh Khan widely known as SRK, one of the most famous actor in Indian industry called "Bollywood". The attack took place couple of days ago, where this Pakistani hackers community have gained access into the server where shahrukh.com was hosted and thus the defaced the index page. After the matter get spotted, the webmaster took action and recovered the website. But the hacker did not forget to create a deface mirror on Zone-H, to justify the hack. Though such kind of cyber attack against Bollywood celebrities is a very normal phenomenon, infarct earlier we have seen the official website of Shahrukh Khan's movie named 'Ra.One' Also the twitter account of srk once became the hot target of hackers. If we define the nature of the attack, then we must have to say no such big object or cause driven the hackers, so the main purpose of engaging the hack can be defined as fun purpose. While talking about relation between hackers and Bollywood we would like to remind you that earlier we have seen several instances where celebrities like Mahesh Bhatt, Kangna Ranaut, Mallika Sherawat, Arbaaz Khan, Vishal and Shekhar and so on have fallen victim to cyber criminals. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Shahrukh.com -The Official Fan Site of Shahrukh Khan Hacked"https://www.voiceofgreyhat.com/2013/02/Shahrukh.com-Hacked.html</a>

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services

Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services 

Windows Azure the cloud computing platform of Microsoft for building, deploying and managing applications and services through a global network of Microsoft-managed datacenters  faced an unwanted disaster due to organized cyber attack which interrupted its service world wide. While looking at the scenario the Redmond based software giant sincerely apologize for the interruption and any issues it has caused and declared that they will  refund Windows Azure customers impacted by the said outage last week caused by an expired SSL certificate. The Windows Azure Storage outage affected at least 52 services, including Xbox Live on Thursday night and Friday. 

In a blog post while describing the situation Microsoft said - "HTTP traffic was unaffected but the event impacted a number of Windows Azure services that are dependent on Storage.  We executed the repair steps to update the SSL certificate on the impacted clusters and availability was restored to >99% worldwide by 1:00 AM PST on February 23.  At 8:00 PM PST on February 23, we completed the restoration effort and confirmed full availability worldwide. Given the scope of the outage, we will proactively provide credits to impacted customers in accordance with our SLA. The credit will be reflected on a subsequent invoice.  Our teams are also working hard on a full root cause analysis (RCA), including steps to help prevent any future reoccurrence."

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Hackers Hit Microsoft Windows Azure Causing 12 Hour Outage, Affecting Xbox & 52 Other Services"https://www.voiceofgreyhat.com/2013/02/Hackers-Hit-Windows-Azure-Caused-12-Hour-Outage.html</a>

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

NBC.com Compromised, Hackers Exploited The Website to Spread Malware

The month of February is still going from bad to worse for the cyber domain, in this very month cyber criminals swallowed the security system of many giant companies like Facebook, Twitter, Apple, New York Times and many more. But the game is not over yet, as we have just passed a few weeks, when the attack on NY Times took place, which stolen the employ database; yet again the cyber criminals have targeted another media giant National Broadcasting Company widely known as NBC. During the attack, hackers have successfully gain access inside the server of NBC and planted malware, in order to harm innocent readers. Famous security expert and blogger Brian Krebs said that the hackers inserted code into the NBC.com homepage. This caused visiting browsers to load pages from third-party sites that were compromised. While explaining the nature of the attacker, Krebs said; "The compromised sites tried to foist the Citadel Trojan, a variant of the Zeus Trojan." The Zeus is a "sophisticated data theft tool that steals passwords and allows attackers to control machines remotely" he added. Not only the NBC’s home page, also several others were affected, including the pages of late night talk show hosts Jay Leno and Jimmy Fallon. Well known security firm Sophos explained how roughly attack played out, and how NBC got sucked into the equation:

• NBC's hacked pages were altered to add some malicious JavaScript that ran in your browser.
• The JavaScript injected an additional HTML component known as an IFRAME (inline frame) into the web page.
• The IFRAME sucked in further malicious content from websites infected with an exploit kit known as RedKit.
• The exploit kit delivered one of two exploit files to try to take control over your browser via a Java vulnerability or a PDF bug.
• If the exploit worked on your computer, financially-related crimeware from the Citadel or ZeroAccess families was installed.

This, of course, is an example of a dreaded drive-by download, where the crooks use a cascade of tricks to download, install and execute software without going through any of the warnings or confirmation dialog you might expect. This, in turn, means that even if you are a careful and well-informed user, you may end up in trouble, since there are no obvious signs that you are doing anything risky, or even unexpected.

As soon as this story get spotted the American commercial broadcasting television network, NBC News reported and confirmed that its site had been attacked. The broadcaster released the following statement regarding the website: "We've identified the problem and are working to resolve it. No user information has been compromised."

The emergency response team immediately take the situation under control and restored the website, and confirmed that the site is back again and completely safe for its visitors. But so far there is no evidence of attackers who were involved in this attack. For the safety of VOGH readers we would like to recommend you to update your operating systems and browser plugins. Also note that the attack on NBC was similar to many that have occurred in recent years in that the malicious sites tried to exploit vulnerabilities in Java. So it will better to disable Java, unless it is that much necessary. So stay tuned with VOGH and be safe in the cyber domain. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">NBC.com Compromised, Hackers Exploited The Website to Spread Malware"https://www.voiceofgreyhat.com/2013/02/NBC.com-Compromised.html</a>

Twitter Account of Hacktivist Group Anonymous Hacked By 'Rustle League'

Twitter Account of Hacktivist Group Anonymous Hacked By 'Rustle League'

The scenario of hackers targeting another hacker has became a very common matter, in last two years we have seen many instances of the above matter where a hacker hit another hacker's site, community, blog, forums and so on. Today the story which I will about to discuss is the same matter where infamous hacker community named 'Anonymous' fallen victim. A newly formed hacker group calling them selves "Rustle League" targeted one of the officially recognized twitter account (@Anon_Central) belongs to hacktivist group which have more than 160,000 followers. According to security experts  "the reason Anonymous fell victim is probably human weakness." Or in other word many of twitter accounts get hacked due to choosing week passwords. "Chances are that they followed poor password practices, like using the same password in multiple places or choosing a password that was easy to crack. Everyone should learn better password security from incidents like this - if it can happen to an account run by Anonymous supporters, it could happen to you" said another expert of security firm Sophos. The hack on Anonymous twitter account placed Thursday morning and three hours later, those running the feed tweeted that they had gained back control of their account. 

While talking about attack on Twitter, we would like to remind you that, in this month a sophisticated cyber attack compromised the security system of the social networking giant twitter, where more than 250,000 twitter users have fallen victim. Though the hack of Anonymous twitter account does not resembles to the said matter, but the hack can be considered in the list of twitter hacking, widely known as #twithackery; where hackers gain temporary access of celebrity and famous twitter accounts. If you did the history we will find the following names, WWE champion John Cena, Star Rita Ora, Justin Bieber, Teyana Taylor,American pop singer Kesha, NBC News, Fox News Politics, USAToday, Lady Gaga’s Twitter Account, Anders Breivik, Mahesh Bhatt, Huffington Post; these are the famous names who have fallen victim to twithackery. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Twitter Account of Hacktivist Group Anonymous Hacked By 'Rustle League'"https://www.voiceofgreyhat.com/2013/02/Twitter-Account-of-Anonymous-Hacked.html</a>