Showing posts sorted by relevance for query RSA. Sort by date Show all posts
Showing posts sorted by relevance for query RSA. Sort by date Show all posts

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers

Posted by Avik Sarkar On 3/04/2013 08:31:00 pm

China Claiming Their Defense & Military Sites are Serially Attacked By U.S. Hackers 

We all are very much familiar of hearing the story of cyber espionage and cyber attacks originated from China by Chinese hackers. Where many countries across the globe have fallen victim like U.S. India, JapanSouth Koreamany European countries and many more. But today a complete reverse story came under light where the Chinese government are claiming that several top secrete government sites like defense, army, military were targeted and hit by hackers from United States. According to some classified sources it came that Chinese government websites are routinely hacked from IP addresses originating within the United States. In a news conference, spokesman of Defense Ministry of China; Mr. Geng Yansheng said that - more than 144,000 hacking attempts per month are targeted at the China Military Online and Defense Ministry websites. According to Chinese defense ministry a close to two-thirds of those attacks (62.9 percent) originated in the United States. Geng said he had noted reports that the United States planned to expand its cyber-warfare capability but that they were unhelpful to increasing international cooperation towards fighting hacking.
"We hope that the U.S. side can explain and clarify this." The U.S. security company, Mandiant, identified the People's Liberation Army's Shanghai-based Unit 61398 as the most likely driving force behind the hacking. Mandiant said it believed the unit had carried out "sustained" attacks on a wide range of industries. Yansheng did not mention a direct link between the cyber attacks and the U.S. government only that the attacks originated in the United States. He did note, however, that China is concerned with reports that the United States is planning to expand its cyber warfare capabilities. 
In the last month China was blamed for engaging cyber attacks against several high profile websites and organization of U.S. including New York Times, Twitter, NBC and so on. And if you refresh our memory then then we will find the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power GridAlso in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 
After keeping in mind all the above facts, we can not conclude the matter very easily, but what we can say that, whether China is responsible or not is neither been proved so far. In spite of looking at the situation we can only say, the entire matter is foggy; where the original truth has either been manipulated or been still untold. But it is sure that those untold or manipulated issues will some day came in front, till that time we have to keep patience and don't forget to stay tuned with VOGH for all kind of cyber related topics and expert reviews.



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

What Risk We are Posing! Everyone Can Become Target of the Latest Cyber Security Threats

Posted by Avik Sarkar On 2/10/2014 07:31:00 pm

What Risk We are Posing! Everyone Can Become a Target of the Latest Cyber Security Threats
According to a report by the Washington Post, hackers may soon be setting up a plan to unfold in 2013 that will target 30 different U.S. banking institutions. McAfee Labs, who has compiled a new cyber security report, says that banks should be on the lookout for software that creates false online transactions or targets transfers tied to large dollar amounts.
Sources say that these threats can all be tied back to “Project Blitzkrieg”, which is a program that has been around since 2008. Within the past four years, it has already stolen $5 million and plans to continue for as long as possible. During the past few months, between 300 and 500 victims located within the U.S. have fallen victim to Project Blitzkrieg’s schemes. By the spring of 2013, McAfee says that things could get even worse for U.S. banks and their customers.
Experts note that this scheme may be tied to reports from back in October by security company RSA that mentioned how a hacker out of Russia named “vorVzakone” has been openly discussing his plan to recruit a team to plan the largest Trojan attack tied to banking. McAfee warns that these threats should be taken extremely seriously as the beginning of 2013 is soon to unfold. The software can become extremely dangerous to those doing their banking online because it can replicate transactions and even delete e-mail notifications about certain transfers.
While U.S. banks will no doubt be increasing their security protocols to protect themselves from any unnecessary attacks, most already know that they are continually being cited as targets from hacking groups around the globe. Back in September, both JP Morgan Chase and Bank of America saw their sites crash because of DDoS attacks.

Samsung Smart TV Dangers
The Register has recently reported that Samsung’s newest Smart TV is completely open and vulnerable to hacking because it gives hackers the ability to steal data very quickly. According to security company ReVuln, this vulnerability most notably affects consumers who own and use their Samsung 3D TVs for internet purposes.
Those who use their Smart TVs can rent movies, browse the web for a cheap line rental, go on Facebook, and more. ReVuln claims that they have found an exploit which allows hackers to see everything the user is doing while they are using their TV, retrieve and access information like web history, and hook up an external thumb drive to the TV to conveniently steal all of this information for future use. While ReVuln noticed this exploit while using a Samsung 3D TV, the true problem is that it seems to affect all of the latest Samsung TVs with internet capabilities, which includes many different makes and models.
As these TVs continue to act more as larger PCs, it is only a matter of time until we see even more security vulnerabilities tied to them in the very near future.

Gas Station Bluetooth Skimming
News site KRCA out of Sacramento notes that crooks are using Bluetooth devices in order to steal credit card information from those who are paying for gas at the pump. The biggest issue the cyber security experts noticed is that these thieves do not even have to be near the gas station in order to steal information.
Crooks are using skimming devices that utilize Bluetooth and contain a variety of common security keys that can be used to access gas pumps for maintenance. They don’t simply pull out their device and begin swiping information for oblivious consumers. Thieves will start by installing skimmers on the pumps to collect information from those pumping gas and then pick them back up. Detectives say that these types of devices are impossible to detect.
According to experts, thieves can be up to 100 yards away and continually collect credit card information from unsuspecting users. Because of this, these crooks are impossible to detect, and the problem may only grow larger in the near future.

Troublesome QR Codes

QR codes seem to be everywhere these days. They’re typically on everything from advertisements to products that we purchase on a daily basis. In the Netherlands, hackers are posting QR codes in heavily trafficked areas like airports and major streets. When these QR codes are scanned in by a user’s smart phone, they are taken to a malicious website that may attempt to phish information from the user or possibly infect their smartphone with malware.

Disclaimer:- Before perfection, on behalf of Team VOGH, I would like to personally thank Eve Halton  for sharing this magnificent article with our readers. Eve is a very much passionate Fleet Street, she  has done her graduation in International Business and Journalism. She gained decent experience in writing articles on several fields like global politics, economics, sustainability issues, cyber security & many more.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing

Posted by Avik Sarkar On 10/03/2012 04:37:00 am

White House Unclassified Network Hacked By Chinese Hackers Using Spear Phishing

Another cyber espionage generated from China targeted the White House. U.S. government computers reportedly including systems used by the military for nuclear commands were breached by Chinese hackers. The White House it self confirmed the breach, while saying that hackers indeed made an attempt to infiltrate its computer system, but says it thwarted the effort and that no classified networks were threatened. Also the security breach did not appear to have stolen any dataWhite House spokesman Jay Carney told reporters the White House is equipped with mitigation measures that identified the attack, isolated it and prevented its spread. He said there was no indication that any data was removed. “There are distinctions between those networks that contain classified information and those that don’t, and the attack was against an unclassified network,” Carney said. 
The hackers breached the network by using a technique known as spear phishing, in which they target victims who have access to sensitive computer networks by sending personalized emails that appear to come from trusted sources. Once the victims click on the bogus attachment or link, the hackers can install malicious software on the PCs to spy on users and steal data.  A law enforcement official who works with members of the White House Military Office confirmed the Chinese attack to press on Monday, but it remains unclear what information, if any, was taken or left behind. But still The White House officially did not say whether the recent attack was linked to China or not. 

"This [White House Communications Agency] guy opened an email he wasn't supposed to open," the source said. That email contained a spear phishing attack from a computer server in China, the law enforcement source told the press. The attack was first reported by the conservative blog Free Beacon. Spear phishing involves the use of messages disguised to appear as valid; in fact, they contain targeted, malicious attempts to access sensitive or confidential information. 

While talking about this breach, we would like to remind you that just few days ago Chinese hackers breached Telvent's corporate network & gained control of US Power GridCouple of months ago we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Were Responsible For Cyber-Espionage In India, Japan & Tibet

Posted by Avik Sarkar On 4/03/2012 02:02:00 pm

Chinese Hackers Were Responsible For Cyber-Espionage In India, Japan & Tibet  

Tokyo based computer security firm Trend Micro confirmed that a breach of computers belonging to companies in Japan and India and to Tibetan activists has been linked to a former graduate student at a Chinese university  putting a face on the persistent espionage by Chinese hackers against foreign companies and groups. Chinese hackers have been linked to a cyber-espionage campaign that planted data-gathering malware in a total of 233 computers of Tibetan activists and military and industrial entities in Japan and India. The so-called "Luckycat" campaign has been active since at least June 2011 and has been linked to 90 attacks that use malware tailored for each victim. The hackers targeted military research institutions and shipping companies in India; energy, engineering and aerospace entities in China and 30 computers of Tibetan activists. Trend Micro researchers traced the attacks to an e-mail address used to register a command-and-control server. They also mapped the address to a Chinese instant messaging screen name and from there to an online alias, "scuhkr." The espionage has been going on for at least 10 months and is continuing. The attacks are technically similar to a spy operation known as the Shadow Network, which since 2009 has targeted the Indian government and also pilfered a year's worth of the Dalai Lama's personal e-mails
Few days ago the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. Now this report Trend Micro again proves China has became one of the biggest cyber threat in front of the whole world. The past activities are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

IU experts find flaws in US web protection plan

Posted by Avik Sarkar On 5/16/2011 03:25:00 pm


The White House proposed new cybersecurity legislation Thursday that aimed to protect the country against threats to the national infrastructure and the economy, but it was too small a step, according to IU cybersecurity experts.
Fred Cate, a professor in the Maurer School of Law and the director of the Center for Applied Cybersecurity Research, said cybersecurity attacks are a huge problem in today’s society.
“We live in a data-driven society — almost everything we do generates or uses digital data,” Cate said. “Yet as the president and most everyone else recognizes, those data and the systems that transmit and store them are not secure.”
The proposal focuses on the protection of American citizens, critical infrastructure, government systems and privacy and civil liberties. The legislation includes harsher penalties for cybercriminals and requires the Department of Homeland Security to work with companies in the private sector to identify and address vulnerabilities.
Von Welch, the deputy director of the CACR, thinks the new legislation was a positive step, but not a big enough one.
“My concern is that it isn’t keeping up with advances we’re seeing in cybercrime,” he said.
The administration’s cybersecurity efforts have been focused on new technologies, rather than on creating legal and economic incentives for the private sector to invest in better security, Cate said. This approach hasn’t worked, he said.
“During the past two years we have witnessed massive security breaches involving hundreds of millions of Americans, involving Sony PlayStation, the online marketing firm Epsilon, even the security powerhouse RSA,” Cate said. “According to one study, more than 2,500 companies were victims of one sophisticated cyberattack that exfiltrated proprietary corporate data, and there are thousands of other successful attacks against companies and agencies.”
Cate said that U.S. counterintelligence officials report that 140 foreign intelligence organizations are actively engaged in trying to hack into U.S. government and business networks.
“Without appropriate incentives, industry won’t invest sufficiently in good security,” he said. “It is that simple.”
Welch agrees. Much of what the legislation does is formalize practices already happening, he said.
“For example, federalizing breach notification laws have already been put in place by many states, and explicitly allowing collaboration and information exchange that is already taking place by cybersecurity practitioners.”
Cate and Welch agree that there are some positive parts to the plan. Its focus on critical infrastructure, by mandating core critical infrastructure operators, creates a plan for addressing threats. Having those plans evaluated by third parties is a good step given the importance of critical infrastructure to national security, Welch said.
What’s missing from the plan, Welch said, is a similar push for other parts of the Internet.
“As recent high-profile cases such as Sony and Epsilon have shown, and what seem to be constant problems with privacy on social networking sites, there are other companies operating on the Internet that while perhaps not critical to our national security, still impact millions of people,” he said. “There is nothing in the proposed legislation to really incentivize these companies to improve their cybersecurity and, in turn, our privacy as their users.”
Cate explained how the plan could be improved.
“The plan could include legal requirements for good information security, tax incentives, safe harbor provisions for businesses that try to enhance security even if they fail, liability provisions to allow injured consumers to recover from harms caused by bad security and new enforcement powers and resources for the Federal Trade Commission,” he said.
In addition to calling for new privacy protections, he said the President should appoint the members of the Privacy and Civil Liberties Oversight Board, which Congress created, but the administration has yet to fill.
Cate also said the administration’s plan includes no effort to curtail risky behaviors by businesses themselves.
“The recent discoveries that Google and Apple are both collecting location data on smart phone users and storing that data, unencrypted, in unsecured files suggests that some regulation may be appropriate to protect individuals as well as industry,” he said.
The bottom line? Technology is very important in security, but the administration’s focus on it is only one step towards enhancing information security.
“Technologies are like magic bullets for the government — no matter what the problem, we want to believe that technology can solve it,” Cate said. “Technology alone just isn’t enough — for security or anything else.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

CITI Group Said that more than 36000 Citi cards was Hacked

Posted by Avik Sarkar On 6/17/2011 08:55:00 am





Citigroup Inc. has revealed the extent of the recent security breach it faced after hackers got access to hundreds of thousands of its credit card customers’ information in North America. Management affirmed that around 360,083 North America Citi-branded credit cards were hacked and only accounts issued in the U.S. were impacted.
Citi came to know about this unauthorized access during a routine check up. Customers' account information such as name, account number and contact information, including email addresses were leaked. However, chances of fraud are perhaps less as more critical data remained unscathed. Such data include customers' social security number, date of birth, card expiration date and card security code (CVV).
Yet, customers remain susceptible to other problems. The extent of client information that has been hacked could be used to procure further financial information through illicit ways.


Measures by Citi:-
The affected customers are being contacted by the company and measures have been taken to avoid any such event again in the future. Around 217,657 accounts were reissued credit cards along with a notification letter by Citi.
Other customers were not re-issued credit cards because either their accounts were closed or they already received new credit cards as a result of other card replacement practices. Citi is significantly monitoring these accounts for suspicious activity.


Companies Under Attack:-
Besides Citi, the other companies that suffered cyber attacks in recent times include some big names like Google Inc. (GOOG -Analyst Report), Lockheed Martin Corp. (LMT - Analyst Report), and Sony Corp. (SNE - Snapshot Report). The most notable was that of the security breach at EMC Corp.’s (EMC - Analyst Report) RSA unit, which makes SecurID used by banks for corporate networks’ to secure log in. Such a situation raises concern about the level of protection these companies are providing to their customers.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The International Monetary Fund get Hacked.

Posted by Avik Sarkar On 6/12/2011 12:00:00 am


The International Monetary Fund, which manages the money of many a nation around the world, was recently the victim of what has been described as a "large and sophisticated" attack on its systems. It isn't yet clear how bad the damage is.
The breach certainly comes at a bad time, as the fund was only just rocked by the sexual assault charges against its former director Dominique Strauss-Kahn last month. However, the attack might have taken place even before said charges, though an official statement has yet to be made. The hackers responsible could, then, have had access to very serious information for some time:-
Because the fund has been at the center of economic bailout programs for Portugal, Greece and Ireland - and possesses sensitive data on other countries that may be on the brink of crisis - its database contains potentially market-moving information. It also includes communications with national leaders as they negotiate, often behind the scenes, on the terms of international bailouts. Those agreements are, in the words of one fund official, "political dynamite in many countries." It was unclear what information the attackers were able to access.
The attack was apparently so serious that the World Bank cut the connection that allows the two organizations to share data.
The IMF is only the most recent example of a large corporate entity being made vulnerable by cyber mischief. Both Sony and Lockheed Martin have fallen victim to wayward hackers in recent months. The fund has denied, however, any connection to the RSA SecurID break-in that compromised Lockheed back in March.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Breached New York Times & Stolen Employee's Password

Posted by Avik Sarkar On 2/03/2013 01:54:00 am

Chinese Hackers Breached New York Times & Stolen Employee's Password 

Yet again the story of cyber espionage by Chinese hackers spotted in the wild, when the famous and one of the most popular American news daily reported that their system has been compromised by a round of sophisticated cyber attack generated from China. After the hack of White House unclassified network, it is the second time in last six month; when Chinese hackers have targeted the American cyber spaceThe New York Times has reported that for the last four months Chinese hackers have been infiltrating its networks, broken into the email accounts of senior staff, stolen the corporate passwords for every Times employee and used those to gain access to the personal computers of  more than 50 employees
According to a blog post of NYT - The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing. 
“Computer security experts found no evidence that sensitive e-mails or files from the reporting of our articles about the Wen family were accessed, downloaded or copied,” said Jill Abramson, executive editor of The Times. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them, said computer security experts at Mandiant, the company hired by The Times. This matches the subterfuge used in many other attacks that Mandiant has tracked to China.

Cyber Espionage of China (2011-2012) at a Glance:-
While talking about this cyber attack, we would like to refresh your memory last two years, where the scenario of big cyber attack and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers had  breached Telvent's corporate network & gained control of US Power GridAlso in the middle of last year, we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 
All those above stories it has been clearly identified that China was the point of those said attacks, but it doesn't necessarily prove that it the operation is backed by the Chinese government or intelligence services. It could just as easily be a patriotic group of skilled, independent Chinese hackers upset with how the Western media is portraying their country's rulers. For all kind of cyber related topics and expert reviews on those matters just stay tuned  with only VOGH




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Broke Into Indian Navy's Computer System & Stolen Sensitive Data (VOGH Exclusive)

Posted by Avik Sarkar On 7/06/2012 07:07:00 pm

VOGH Exclusive:- Chinese Hackers Broke Into Indian Navy's Computer System & Stolen Sensitive Data

Again cyber criminals from China targeted Indian cyber fence. This time Indian Navy have fallen victim of this cyber espionage. According to sources hackers have broken into sensitive naval computer systems in and around Visakhapatnam, the headquarters of the Eastern Naval Command, and planted malware that relayed confidential data to IP addresses in China.  There is, to date, nothing known about the data thieves. 
Primary investigation revealed that the classified data has been leaked and that the breach may have occurred as a result of the use of USB flash storage on important systems. The Navy and other armed forces store sensitive data on standalone systems, unconnected to the internet and supposedly with no free USB ports where a flash drive could be plugged in.
The malware is reported to have created a hidden folder on the USB flash drives. When the drive was plugged into a Navy system, the malware searched for files based on particular key words it had been configured to look for. These files were then copied to the flash drive where they would remain hidden. When the drive was plugged into a system which was connected to the internet, the malware would then begin to transfer the files to a specific IP address. The extent of the loss is still being ascertained, and officials said it was “premature at this stage” to comment on the sensitivity of the compromised data. But the Navy has completed a Board of Inquiry (BoI) which is believed to have indicted at least six mid-level officers for procedural lapses that led to the security breach. Navy official also said: “An inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hack ers worldwide.”
Couple of months ago Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 
The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!



 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

XML Encryption Cracked By Researchers Of Ruhr University

Posted by Avik Sarkar On 10/30/2011 04:26:00 pm



Researchers at the Ruhr University of Bochum (RUB) say they have succeeded in cracking parts of the XML encryption used in web services, thus making it possible to decrypt encrypted data. The official W3C XML encryption specification is designed to allow the secure transmission of information between different e-commerce and financial systems. The attack is limited to where AES is used for encryption in the cipher-block chaining (CBC) mode; other techniques, such as using an RSA key and X.509 certificates, are not susceptible.
According to the researchers, IBM, Microsoft and Red Hat Linux use the standard solution in web service applications for a number of large customers. The researchers say that, based on their findings, the standard should now be considered insecure. They plan to publish details about the problem at the upcoming ACM Conference in Chicago (ACM CCS 2011).



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Chinese Hackers Breached Telvent's Corporate Network & Gained Control of US Power Grid

Posted by Avik Sarkar On 9/30/2012 03:12:00 am

Chinese Hackers Breached Telvent's Corporate Network & Gained Control of US Power Grid

Telvent - the maker of power-grid control systems and smart meters and whose software and services remotely administers and monitor large sections of the US energy industry has began warning its customers about a sophisticated hacker attack originated from China. Telvent, a division of Schneider Electric, has admitted hackers breached its corporate network, implanted malicious software and lifted sensitive project files. The raid spanned Telvent systems in the US, Canada and Spain, according to a letter sent to the company's customers this month. Criminals can now study the documents for vulnerabilities in the systems, and potentially devise attacks to sabotage nations' electricity distribution networks. It looks like the hackers managed to get past the company firewall and security systems. In letters sent to customers last week, Telvent Canada said the attack happened on September the 10th.
The attackers installed malicious software and stole project files related to one of its core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced “smart grid” technologies. The company said it was disconnecting the usual data links between clients and affected portions of its internal networks. Meanwhile it is looking for virus or malware files. Telvent has cut data links between at-risk portions of its internal network and clients' systems as a precaution while it probes the breach. Police have been called in to investigate the attack. 
In a report The Register said -Dale Peterson, founder and chief of industrial control security specialist Digital Bond, spelled out the kinds of information present in the lifted documents. "Some project files contain the 'recipe' for the operations of a customer, describing calculations and frequencies at which systems run or when they should be turned on or off," He told press. "If you're going to do a sophisticated attack, you get the project file and study it and decide how you want to modify the pieces of the operation. Then you modify the project file and load it [onto a company's control system], and they're not running what they think they're running." 

While talking about US power grid, we would like to remind you that, earlier researcher have warned about several security holes in power which could even allow an attacker to shutdown the entire system. Soon after  this story made public, National Security Agency (NSA) suspected that hacktivist Anonymous may target the Entire U.S. Power Grid. What ever such massacre did not happen, and Anon said they are not interested to hit power industry. 

 Chinese Hackers Behind Some Biggest Cyber Espionage:- 
Couple of months ago we have seen that Chinese hackers have broken into Indian Navy's Computer System & stolen sensitive data. Few months before this hack, Tokyo based computer security firm Trend Micro confirmed that Chinese hackers were responsible for biggest cyber-espionage in India, Japan & Tibet. Also the director of National Security Agency (NSA) General Keith Alexander confirmed that hackers from China was responsible for the serious attack on one of the leading IT security & cyber security company RSAAlso in 2011 China was responsible behind the attack on US Chamber of Commerce, Satellite System of U.S, Nortel Network & so on.  But few days ago National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network claimed that China fallen victim of one of biggest cyber attacks originated from US, Japan & South Korea. We must have to say that this statement is truly irrelevant. Cyber crime investigator have found that China was directly responsible for the hack into Japan's Biggest Defense Contractor Mitsubishi, Japan Aerospace Exploration Agency (JAXA) & Parliament of Japan. In case of South Korea  more than 13 Million of MapleStory players data has been stolen, there also hackers from China was responsible. 

The above phenomena are clearly indicating that hackers from China was directly linked and responsible for all those biggest cyber espionage. Still it is not clear that whether these cyber criminals are supported by the Govt. or not!!









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search