Friday, July 17, 2009

Quote of the Day...

Quote of the day

In school you get the lesson and then take the test;

In life you take the test and then get the lesson.

New IT Term of the day

New IT Term of the day


An Internet slang term that means "clueless newbie".

CYBER FIGHT : Hackers Increasingly Targeting Religion Sites

CYBER FIGHT : Hackers Increasingly Targeting Religion Sites

10 July 2009

By Paul Goble

The Moscow Times


Hacker attacks against sites maintained by political opponents of the Russian government have received a great deal of attention. One target of hackers that has received far less press is Runet sites operated by religious groups, which are increasingly coming under cyber attack, a trend that reflects the importance of the Internet in Russian religious life.

In an article in newspaper Novya Izvestiya, reporter Mikhail Pozdnyaev says that among those who have suffered from hacker attacks are “representatives of all confessions, official and independent information agencies that write about religious news, and popular missionaries."

Because of the diversity of sites and the difficulties involved in determining why a site may have failed and in tracking down those responsible, there are no reliable statistics available on just how widespread this trend is. Consequently, the Novaya Izvestiya journalist describes some of the more high-profile examples of this phenomenon.

Pozdnyaev begins with the hacker attack on the official site of the Maykop and Adygei eparchate of the Russian Orthodox Church this past Sunday. For several hours, he reports, visitors to the site found a page that had nothing to do with religious affairs, though the eparchate’s technical staff was able to restore the site rather quickly.

Officials in the eparchate told Pozdnyaev that they believe that this attack happened when it did because at least some of the faithful are unhappy that Archbishop Panteleimon has been replaced as head of the see by Bishop Tikhon. The hackers, these officials believe, were supporters of Panteleimon.

But exactly who carried out the cyber attack remains unknown in this case, as in others even when the hackers declare themselves — as happened earlier this year — to be representatives of the “ Free Radical Society of Atheists of Bobruisk” or the “Atheist from Shenkursk,” titles that are only user names that reveal little.

A much larger hacking scandal occurred during the controversy over now dethroned Bishop Diomid and his challenge to the Moscow Patriarchate. The “Orthodoxy in the Far East” portal that featured information on his case came under attack twice — once with those responsible posting pornographic pictures and another time with foul language.

The priest who oversees the portal said the hackers were people who supported Diomid and had enough resources to overcome the portal’s defenses. Since then, the Interior Ministry’s Bureau of Special Technical Measures has tracked down the individual involved: He is a citizen of one of the CIS countries, the ministry reported.

Russian prosecutors are seeking to bring this person to justice, the journalist says, but they have not had much luck. And that highlights a serious problem: As Pozdnyaev notes, “catching a hacker is harder that restoring a site that has been attacked.”

Other religious entities that have been targeted include the Estonian Orthodox Church of the Moscow Patriarchate, the official site of the Patriarchate itself following the death of Aleksii II, and Portal-Credo.ru, an independent religious news portal that is often highly critical of the Orthodox Church.

Hacker attacks against web sites maintained by the Russian Orthodox Church, its various subdivisions and even individual clerics, such as Archdeacon Andrey Kurayev, are a relatively new phenomenon, but such attacks have been taking place against Islamic sites on a regular basis for a decade.

At the end of June, hackers took offline for a brief period two of the most important Russian-language Islamic news sites, Islam.ru and IslamNews.ru, both of which have been subject to similar attacks in the past. Pozdnyaev says that it is possible that the hackers are people who “do not share the loyal attitude” of these sites to the government.

BEWARE : Social-networking Site Tagged to Be Sued for deception

BEWARE : Social-networking Site Tagged to Be Sued for deception

Jeremy Kirk,

IDG News Service

July 10, 2009


The state of New York plans to sue the social-networking site Tagged.com for allegedly using deceptive e-mails in order to gain new users, the Office of the Attorney General said Thursday.

From April through June, Tagged sent 60 million e-mails to people saying that members of the site had tagged them in photos but the photos did not exist, according to a news release from the office, lead by Attorney General Andrew M. Cuomo.

The e-mails that people received appeared to come from their friends but did not, which constitutes spam. The recipients were forced to become members of Tagged if they wanted to access the purported photos, the office alleges.

Tagged, which has been around for five years, would then illegally get access to those new users' e-mail address books and send out more messages without those users' knowledge. Tagged will be sued for deceptive e-mail marketing practices and invasion of privacy, the office said.

Tagged CEO Greg Tseng wrote on a company blog that the site did not access peoples' address books without their consent. But Tseng wrote the company realized that the language used to guide users during registration was confusing.

"The registration drive generated some complaints," Tseng wrote. "We immediately stopped using this registration process before being contacted by the Attorney General's office."

On June 16, Tseng wrote in another blog post that the registration drive resulted in 3 million new users for Tagged, but also resulted in 2,000 complaints "from people who invited all the contacts in their e-mail address books but didn't intend to."

"Simply put, it was too easy for people to quickly go through the registration process and unintentionally invited all their contacts," Tseng wrote. Tagged halted the new registration scheme on June 7. It also e-mailed new members telling them how to quit Tagged.

The Attorney General's office said it would seek to stop Tagged from engaging in fraudulent practices and pursue fining the company.

RISK : Poor IT job market may fuel online crime

RISK : Poor IT job market may fuel online crime

by Diane Bartz and Richard Chang

Jul 14, 2009


WASHINGTON (Reuters) - The ever-weakening job market could well lead to an increase in online crime as laid-off workers, especially those with computer skills, turn to scams to support themselves, Cisco Systems Inc said in a mid-year security report to be released on Tuesday.

Disgruntled employees may target their former employers, and Cisco warned that insiders "can be especially damaging for an organization because insiders know security weaknesses."

A former information technology analyst at the Federal Reserve Bank of New York was arrested in April along with his brother on suspicions of taking out loans using false identities. FBI investigators found a flash drive attached to the bank employee's computer with applications for $73,000 in loans in the names of stolen identities, the report said.

Cisco warned companies which use short-term IT consultants or who contract out the tasks to "be particularly vigilant about the level and term of their access to sensitive data."

The report included snippets of a conversation with a botmaster, or someone who remotely takes over computers without users' knowledge and often sells the resulting access to spammers.

The hacker declined to say how much he earned but said "'a guy I know'" can earn $5-10K weekly, by phising (sic) bank accounts." Phishing is the practice of convincing a victim to give up valuable information -- like a password to a bank account. The account can then be emptied.

UNPREPARED : Korea Ill-Prepared for Online Attacks

UNPREPARED : Korea Ill-Prepared for Online Attacks

By Kim Tong-hyung


13 July 2009


South Korea has so big a hole in its cyber security that another wave of online attacks will prove to be as devastating as those of last week.

First, virtually anybody can mount such attacks. Although government officials suspect North Korea may have been orchestrating these virtual attacks, a gang of teenagers could possibly organize and bring the same amount of damage as a nation can, and with a program purchased online for the same price as a song.

When the country was pummeled by a massive distributed denial of service (DDoS) attack over four days until last weekend, it was a handful of private firms that came to the rescue.

In addition, systemic flaws such as over-reliance on Microsoft's Active-X program need to be addressed. Without them, all Korea can do appears to be nothing but pray that no such attacks recur.

The Korea Communications Commission (KCC) admits that more DDoS attacks are a possibility, considering that the types of malicious software that infected scores of Korean computers at homes and offices are programmed to update automatically. Whether the country would be better prepared for another powerful Internet attack is a totally different matter.

``We have been analyzing the malicious codes, and found that the programs were designed to self-destruct after initiating three attacks. We have yet to find a mutated version of the codes,'' said Hwang Cheol-joong, a KCC official.

As of Saturday, more than 97 percent of 77,875 infected computers had been cleared of the malicious programs, the KCC said. The state-run Korea Information Security Agency (KISA) is currently analyzing 22 sample types of the malicious codes.

``It is encouraging that the number of infected computers was fewer than first thought, even when considering the devices that remain unreported. However, considering that these DDoS bots are not controlled by command and control (C&C) operational software, but programmed for automated updates and self-destruction, we need to stay alert. There also might be types of codes that we have yet to discover,'' Hwang said.

The National Intelligence Service (NIS), the country's spy agency, is responsible for protecting public Internet infrastructure from Internet attacks, while KCC and KISA handle the private side.

However, the Ministry of Public Administration and Security deals with breaches within government networks, while the National Police Agency combats ``cyber crimes.''

The complicated relations between these agencies make it difficult for the government to muster a quick and coordinated approach when crisis hits, according to critics, who call for the establishment of a ``control tower.''

``We agree that there should be a more simplified chain of command. The current system has problems,'' Choi See-joong, the KCC chairman, told reporters last week.

It could also be said that Korea was behind for its Microsoft monoculture for Web browsers. In Korea, all encrypted transactions on the Internet are required to be done through Microsoft's ``Active-X'' controls, which work only on Internet Explorer browsers. As a result, the market share of Internet Explorer remains in the high 90s.

However, Active-X is also linked with security concerns, as the controls require full access to the Windows operating system on computers. This means that malicious programs can direct the browser to download files that compromise the user's control of the computer.

``Active-X happens to be one of the ideal tools for malicious codes to be distributed. Even Microsoft is phasing Active-X out due to security worries, but Korea has been a step behind,'' said an official from KTB Solutions, a computer software company.

(Why single out Korea? Most of the countries are ill-prepared for Cyber Security. In fact, in some countries, the concept of Cyber Security exist on paper only - Editor)

Wednesday, July 15, 2009

Quote of the day

Quote of the day

The period of greatest gain in knowledge and experience is the most difficult period in one’s life.

Dalai Lama

New IT Term of the day

New IT Term of the day


A slang term used to describe any image that has been digitally manipulated or altered.

EXTRADITED : Indian Hacker Extradited to US

EXTRADITED : Indian Hacker Extradited to US

Three men allegedly made millions manipulating prices of several stocks, including Google

By Robert McMillan

IDG News Service

July 08, 2009

An Indian man has pleaded not guilty to charges that he hacked into online brokerage accounts in order to manipulate stock prices.

Jaisankar Marimuthu, 34, of Chennai, was extradited to the US from Hong Kong on June 20, making him the latest to face charges in what authorities described as an international "hack, pump and dump" scheme. He entered a not guilty plea in US District Court for the District of Nebraska on June 25, according to court records.

Marimuthu had already been arrested by Hong Kong police on similar charges, the US Department of Justice (DoJ) said.

Another man, Thirugnanam Ramanathan, pleaded guilty to fraud charges stemming from the scheme and was sentenced to two years in prison in September. However, he was deported on Jan. 29, before serving his full sentence, according to Ian McCaleb, a DoJ spokesman.

A third man, Chockalingam Ramanathan, has been charged in the US but is still at large, McCaleb said.

The three were charged two years ago for a 2006 scheme in which they allegedly hacked into online brokerages or created new accounts using stolen identities, then bought and sold stocks in order to manipulate prices to their benefit.

They hacked into more than 60 accounts in nine brokerage firms, including ETrade and TD Ameritrade, according to authorities. One firm lost more than US$2 million because of the scam.

The men allegedly drove up prices of low-volume stocks they owned, such as Acordia Therapeutics, Pacel and IGI, by buying shares with the hacked accounts, then dumping the stocks before the price dropped, authorities said. In October 2006, they also manipulated the price of near-worthless "put" options for Google, which gave buyers the option of selling Google stock for $240 (about half its value at the time), authorities said.

How Marimuthu and his associates allegedly gained access to the brokerage accounts is unclear, but court filings suggest that he may have obtained them from Internet cafés used by American and European visitors to Bangkok. Marimuthu and the others stayed at the Raja Hotel in Bangkok in 2006, prosecutors said.

Wireless networks at hotels and Internet cafés can be a security risk, especially if they are unencrypted or use the cracked Wired Equivalent Privacy (WEP) system to secure network traffic.

BOOKED : Pakistani Lady MPA booked for credit card theft

BOOKED : Pakistani Lady MPA booked for credit card theft

July 13, 2009


LAHORE: Ghalib Market Police on Sunday registered a theft case against a Pakistan Muslim League-N MPA, Shumaila Anjum Rana, for allegedly stealing two credit cards from a woman’s purse, doing shopping and paying Rs 80,000 through the stolen cards.

An FIR No 551/09 has been registered against the MPA under Section 379 of the Pakistan Penal Code on the complaint of Muqeet Salam, the brother-in-law of Zaira Malik of Canal Bank, the owner of the credit cards.

Investigation Officer Sub-Inspector Maqsood told The News he tried to contact the accused MPA by telephone several times, but she was not available. He said Muqeet alleged in the application that his sister-in-law, Zaira Malik, was present in a fitness club on July 7 when she found her credit cards, issued by the United Bank Limited and Bank Alfalah Limited, missing from her purse. He said Zaira contacted the banks concerned and was informed that transactions worth Rs 80,000 had been made through her credit cards. He alleged that the banks also informed her that the ‘thief’ had purchased goods from a shop at the Siddique Trade Centre.

The police quoted the complainant as saying that the shop owner also showed the CCTV footage to them and finally Zaira recognised MPA Shumaila, who was not a member of the fitness club. He said they had also got records of transactions from the shopkeeper in which the use of Zaira Malik’s credit cards was mentioned.

A police official said that raids would be conducted to arrest the accused if she didn’t surrender to the police. On Saturday, the Ghalib Market police had denied receiving any application against the said MPA. However, after it was proven from witnesses and evidence, a case was registered with the consent of senior police officials.

Meanwhile, Punjab Chief Minister Shahbaz Sharif has said legal action will be taken against MPA Shumaila Anjum Rana.He was talking to media persons at the Ittefaq Hospital here on Sunday. Answering a question regarding MPA Shumaila Anjum Rana, he said law has started taking its course and all legal requirements will be fulfilled in this regard.

REPORT : 73 Percent of U.S. Businesses Breached

REPORT : 73 Percent of U.S. Businesses Breached

The report has a recommendation for organizations that fear a breach and the reporting requirements that go with it.

July 13, 2009

By Alex Goldman


The fourth annual U.S. Encryption Trends Study was released today by The Ponemon Institute. The study says that 73 percent of surveyed businesses have experienced a data breach in the past year, up from 60 percent in the 2008 study. The report was sponsored by encryption supplier PGP Corp.

"A data breach is defined as the loss or theft of confidential or sensitive data including information about people and households," said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute, in an e-mail to InternetNews.com.

The numbers are comparable to a similar study released last week concerning UK businesses. There, the Ponemon Institute found that 70 percent had been breached in the last year.

The report was based on surveys with nearly a thousand (997) U.S.-based executives.

Organizations need to have a holistic data encryption strategy, according to the report.

"For the second year in a row, organizations with no encryption strategy accounted for all the organizations that suffered five or more data breaches (13 percent)," the report said.

Organizations are adopting encryption to comply with industry regulations and state and federal laws, the report explained.

A flood of data breaches

The news comes as reporting requirements are becoming more burdensome. For example, a recent change to reporting requirements for healthcare organizations in California has resulted in a flood of data breach reports there.

Businesses can expect closer scrutiny of security issues -- and failures -- as the government ponders new privacy laws.

The report touts the platform approach to encryption. The use of "encryption applications managed via a platform continues to be a best practice approach to an overall data protection strategy in 2009," said Dr. Ponemon in a statement.

Also today, PGP Corporation released two new products. PGP Portable is designed to help encrypt removable storage devices, while PGP Mobile helps organizations encrypt data on mobile devices. Pricing for the new products was not disclosed.

According to the report, organizations see a need to protect mobile devices. "More than 59 percent of respondents say it is very important or important to encrypt employees' mobile devices -- a sign that organizations recognize that valuable data is more mobile than ever," the report said

Companies are right to be concerned about breaches, the report said, referring to an earlier study by The Ponemon Institute that found that breaches cost businesses, on average, $202 per record and, in total, an average of $6.6 million.

FALSE POSITIVE : Glitch in antivirus software troubles PC users

FALSE POSITIVE : Glitch in antivirus software troubles PC users


AP Technology Writer

Jul 10, 2009


Antivirus software cuts two ways. It's great at blocking known viruses, but it can sometimes misfire, mistakenly flagging clean files as malicious. That sends a computer into a tailspin trying to clean up stuff that's supposed to be on there.

The problem can crash a computer, and fixing it can be a bear.

An example emerged this week when users of antivirus software made by Islandia, N.Y.-based CA Inc. watched as their machines warned of an infection and started quarantining files that turned out to be legitimate.

Lee Jay Mandell, a 60-year-old retired computer consultant and patent attorney from the Los Angeles area, said the problem popped up on his computer Wednesday night. He knew something was wrong because he recognized the types of files that were being quarantined were parts of Microsoft Corp.'s Windows operating system.

He drew on his technical experience to restore the machine, but says less adept users might stumble.

"I'm back, but it took me about six hours to get back," he said Friday.

Every antivirus company deals with false positives, and it's an embarrassment for companies whose job is to protect people's machines from sabotage. It happens because legitimate files sometimes have programming code or behaviors that are identical to those of viruses. The antivirus software spots files it believes are malicious and starts plucking them out.

The results can range from annoyance to outright meltdown of the machine if critical files are targeted. Last week some people using McAfee Inc.'s antivirus software said their computers crashed because of a false positive.

McAfee said the false positive only happened on older versions of its software that are no longer supported by the company. Newer versions won't have the problem.

CA apologized for the problem Mandell and others encountered and said its last major false positive was three years ago.

"Minor false positives happen periodically, but CA has historically maintained an industry low rate of false positives," the company said in a statement.

Cleaning up a false positive detection isn't always easy. The program might do it for you. But sometimes a user might need to go into the list of quarantined files and manually rename them, or call the company to request software to do the task automatically.

CA emphasized that the files that its software wrongly spotted as viruses this week were quarantined or renamed, not deleted, and "are recoverable."

The lesson: Pay close attention to your computer if it's telling you it's found a virus and is cleaning it up. You might need to call your antivirus vendor's customer support to help you make sure your machine is totally clean — or to help you recover files if the cleanup was a false alarm.

This Day in History

Thanks for your Visit