Thursday, December 11, 2008

MS Ireland blocks redirection 'hack' - eventually


Surfers attempting to visit Microsoft's Irish website via
Microsoft.ie on Tuesday morning were greeted with a defaced page
instead.



Hackers sprayed digital graffiti bragging that Microsoft Ireland had
been hacked by the previously unknown "Terrorist crew". The message,
which contains greetings to other hackers, as is the custom with
defaced websites, did not arise through a direct attack on Microsoft's
site itself.



MS Ireland redirection graffiti




Rather, the miscreants succeeded in somehow re-routing the redirection page from Microsoft.ie to the main site.



Microsoft fixed the issue, which existed for a few hours, this
morning. The software giant promised to improved its security to
prevent a repetition of the incident.



"There was no issue with the Microsoft Ireland website, however
there was a security incident with one of the re-directs from the
'Microsoft.ie' domain to 'Microsoft.com/Ireland' which is hosted by a
third party," a Microsoft Ireland spokesman explained.



"We resolved the re-direct issue very quickly and the Microsoft
Ireland site (and other Microsoft sites) were not affected by this
incident. We take these incidents very seriously and we are working
with the third party to ensure this issue isn't repeated. We have also
informed the relevant authorities," he added. ®

-abhiz


Powered by ScribeFire.

Monday, December 1, 2008

Information Security Blog by Abhishek Amralkar: Pakistan Says Cyber Terrorist will be hanged

Information Security Blog by Abhishek Amralkar: Pakistan Says Cyber Terrorist will be hanged

India v/s Pakistan - Just more than cyberwar ?

Indian and Pakistani Hackers having been playing this game from quite sometime now, hacking into the websites of the other country. Indian hackers hacked into Oil and Gas Regulatory Authority’s and Pakistan hackers replied back by hacking into ONGC and AndraPradesh CID website.

I am really very upset with what has happened in mumbai and there is a limit to everything. I recall even during the Kargil war while the army battled in kargil, hackers hacked the other countries website. I am not sure if the situation is same or not but I want the bastards to justify their acts and they should be punished even if India has to take drastic steps so be it.

When Genuine Company Spams - SatGuide GPS Navigation

SatGuide is a product based company that sells GPS solutions, including Personal Navigation systems, Navigation kits for Laptops and Cell Phones.
And now I have received lot of spam from them to buy their product and in the email they said I requested the brouchers of their products at some mall which I know I never did and I use different emails for different reason so that tells me from where they got that email address. (I would love to pursue the bastard company that sold my email address to this freaking people).

Now I request all the people around in India or abroad whereever this company is selling its products please don't buy their products as they might have some product but Spamming is bloody not allowed for any reason and even if you still want to buy go and search about their products which will tell you not to buy anything from them. one of the many bad experience can be found at team-bhp.com

Infact I would say go for MapMyIndia Navigator which is much better.
These are some of the links you might want to block at your company level
www.a-mantra.com
www.roadsofindia.com
www.satnavtechnologies.com
http://www.satguide.in
--

I understand the economic conditions are bad, companies are feeling the heat due to drop in sales and demand but this does not mean you can SPAM people. I requested to be removed from their email list 3 times but still nothing happened but now they are adding me to Yahoo Groups so that they can constantly spam me which is very irritating as I don't like their F**king product.


-Abhiz

Thursday, November 27, 2008

ATS Chief dies a Hero's Death

Mumbai, Nov 27 (PTI) He wore a helmet,
talked on his cellphone and finally put on a bullet-proof jacket before
he met his deathly fate in the country's biggest terror seize.

Maharashtra Anti-Terrorism Squad (ATS) chief Hemant Karkare, who was
probing the Malegaon blasts case, suffered three bullet injuries in his
chest as he was leading the offensive against the terrorists in one of
the places the ultras had holed out early this morning.


The last television visuals of the 54-year-old officer showed him
in a light blue shirt and dark trousers surrounded by uniformed
policemen armed with firearms and walkie-talkies.


Karkare, a 1982 batch IPS officer, became the head of ATS in
January this year following his return to the state cadre after serving
seven years in Research and Analysis Wing (RAW) in Austria.


One of the brightest officers, Karkare had solved the serial bomb
blasts in Thane, Vashi and Panvel and was also credited for the
stunning revelations in the investigation of the September 29 blast in
Malegaon. He is known for his discipline and fair investigation.


During the Malegaon investigation, Karkare had told his officers
not to create false evidence, saying, "We should do our job and it is
for the court to decide." Incidentally, the Pune ATS on November 26
reportedly received phone calls threatening to blow up the residence of
Karkare "within a couple of days".


In his last interview to a television channel yesterday, he
referred to getting the custody of Malegaon blast accused Sadhvi Pragya
Singh Thakur, and said "police custody would have helped investigations
to proceed faster but still we will see how best to deal with it in a
legal way".

My Salute to the great man

-Abhiz

Powered by ScribeFire.

Monday, November 10, 2008

Bank Of America Phishing Website

Have noticed some phishing websites hosting Bank Of America Website Pages with a Login page that captures User's login and Password details.

The following websites ask you which city your account is located then your customer ID and then on the next page it asks you for password which it captures and sends it to the phishers.
The following websites are standalone phishing website and don't host any exploits or malware in our tests.

The IP Addresses hosting the Phishing websites are :
194.154.164.82
78.110.173.52
78.110.166.195
77.92.83.1
194.154.164.82

The Urls of the Phishing Website(Don't enter any details on these sites):

hxxp://updtserv.com/d/www.bankofamerica.com/BankofAmerica%20OnlineID/cgi-bin/ssl.login.controller/SignIn
hxxp://kiasalar.com/newsite/mambots/onlineid.1.bankofamerica.com/cgi-bin/sso.login.controller/bankofamerica/index.html
hxxp://www.onlinemafya.com/avatar/help/2/www.BankofAmerica.Com/BankofAmerica.Com/BankofAmerica.Com/bankofamerica/signon.php?section=signinpage&update=&cookiecheck=yes&destination=nba/signin
hxxp://baymetalsinc.co.uk/admin/bankofamerica.com/index.htm
hxxp://updtserv.com/d/www.bankofamerica.com/BankofAmerica%20OnlineID/cgi

-Abhi

Powered by ScribeFire.

Sunday, November 9, 2008

Pakistan Says Cyber Terrorist will be hanged

"Pakistani president Asif Ali Zardari
signed a law making cyber terror a crime "punishable with death."
Executions will only be allowed if the hack attack "causes [the] death
of any person," the Prevention of Electronic Crimes law states."


Cybercriminals
are always in news over new malware, vulnerabilities, ID Theft or
Credit Card Theft. We have enough proof that even terrorists use
internet a lot because they can hide anywhere in the world and
communicate whatever they want to with each other. For. eq. recent bomb
blasts in ahmedabad terrorists sent an email from an Open Wifi
connection in mumbai and dared the indian government to stop them and
there is very little government can do about in such scenario. But the
best way is to react back and hit so hard at such bastards that nobody
ever dares to do something like this, government should make sure that
they are scared to death even in the dreams. Pakistan got a law in
place as now that anybody who causes death by electronic means will be
punishable by death, the maximum punishment in India for a Hacker is 3
years and in United States around 20 years and I am not aware of
anybody staying behind the bars for that long.

This move from Pakistan
was a real shocker but it is welcome as we have seen lot of cyber
fights happening and the recent increase in terrorists activity.

-Abhiz

Powered by ScribeFire.

Friday, November 7, 2008

Best way to recover Encryption keys or Passwords from Suspects during Digital Forensics Investigation

This is a bit unusual but a very effective way to recover encryption keys or password from a suspect. Does not matter what crime the person has done, Child Porn, Credit Card Theft, Financial Fraud or virtually anything online.The fraudsters are becoming smart and use multiple ways to hide data and conceal tracks and sometimes it becomes difficult the recover encryption keys from the hard drive or RAM then what do you do ? Beat the shit out of the suspect and let him spit out the Encryption keys and Passwords. This method is very popular in India but not in other coutries like USA, UK,etc.

But it is a very effective solution, This was recently done by Turkish Police and they got all the details from the suspect like encryption keys and passwords, Now the next step is just to get the data out and submit in the court of law.

Friday, October 31, 2008

Piratebay talk - How to dismantle a multi-billion dollar industry

I was at HackInTheBox 2008 Conference and attended the talk from Piratebay guys and they talked about their experience about going to prison, fighting with cops, getting into legal problems and how people supported them so well.. I suggest you see this full video, it was awesome because they said screw you to everybody who came to bother them and they are up, running and growing so fast.



Piratebay rocks!!!

-Abhiz

Sunday, October 19, 2008

Seminar on privacy and data protection in Cyber Space

I attended the Seminar on Privacy Rights and Data protection in Cyber
Space yesterday at KLE Law College in Bangalore, The seminar was
organized by KILPAR and DSFI in association with KLE Society, Law
College, Bangalore.

The Seminar was about the new bill that is
going to be debated in the Indian Parliament about Privacy Rights and
Protection of Data. There were some really cool presentations on the
topic both technical as well as Law side. I gave a small presentation
about Privacy Incidents happening around in the real life and How
important it is to have a law that governs the rights of Indians. My
Presentation will be up at their website soon.

This was a
wonderful experience as even top lawyers were present to debate and
discuss their issues and points of conflicts in the current bill which
needs to be addressed. The great thing about this seminar was the
points of concerns being discussed will be forwarded to the government
which will help them to make appropriate amendments.

Oh yes, 17th October 2008 is also the Digital Society Day :)

-Abhiz

Powered by ScribeFire.

Wireless Security still lacking in mumbai, Survey Report

Deloitte has done a survey of Wireless devices
in Mumbai and wow the results are still alarming for the law
enforcement agencies even after the shocking terror activities. People
are just not willing to secure their wireless devices with WEP or WPA.

The key findings for the survey are:
1) Of the 6729 wireless networks seen, 36% appeared to be unprotected i.e. without any encryption,
2) 52% were using low level of protection i.e. Wired Equivalent Privacy (WEP) encryption.
3) Balance 12% were using the more secure Wi-Fi Protected Access (WPA).
4) This makes 88 % of the observed wireless networks relatively easy to compromise.

There
is a lot more to be done in mumbai because I remember going wardriving
around the city a few years back and got so many open wireless
connections that there was no need to buy internet connection at home
just sit in the car and do your stuff.

This is surely a
challenge for the law enforcement agencies, The ISP's should educate
users to secure their Wifi connections and there has to be a regular
audit from the ISP side to make sure the wireless devices in their
networks are using some sort of authentication. We can always argue
that even WEP can be cracked in a few hours and the same holds true for
WPA and WPA/2 which was recently cracked up to the speed boost of
10,000 times with the use of Nvidia Graphics card.

It is a
challenge to make all the wifi owners to fix their wireless devices but
with the proper help from ISP it should become easier but it is a task
government needs to take up.

-Abhiz

Powered by ScribeFire.

AntiVirus, IDS's all are prone to False Positives - AVG, Dragon and Snort

Today one of my machine with AVG Antivirus started to flash some popups
in quick succession and it was telling me that a few threats were
detected while they are trying to execute. it was Zone Alarm firewall
starting up during windows boot.

I knew there should be an
update to fix it and updated my AVG signatures immediately and those
popups stopped and Zone Alarm started, so that machine was again
protected. But I didn't like a few things that happened, AVG completely
stopped zonealarm from running so during the time updated AV signatures
were downloaded and installed my machine was unprotected. Again ideally
Firewall should have a priority over antivirus but the other way is
happening and very important when AVG is not allowing zonealarm to
start it should stop internet but thats an overkill.

More False Positives in IDS's

Writing
about AntiVirus false positives reminds me of IDS's which are one
biggest source of false positives. There is a larger problem with IDS
regarding False Positives, I have worked on multiple IDS's and SIM
products and it all the same.. everything is full of false positive.
for eq. Dragon IDS detects "uname" as a potential attack even when it
is running against a windows machine. Infact at one instace one of the
user was visiting wayn.com and orkut.com and just for the reason that
the developers of these websites used "uname" as username parameter in
the HTML that used to download when a user visits these two websites
and wow Dragon started to flash attack all over the place but it was
just a browsing activity.

I have worked on Multiple ID's and
Dragon is one IDS which I never want to work with, there is so much
tweaking to be done to supress false positives. Enterasys Dragon needs
to improve alot. Maybe till then you can try opensource snort or better
off SourceFire which has cool RNA and Defense Centre.

-Abhiz

Powered by ScribeFire.

PAPER on Threat Modeling

Adam Shostack from Microsoft has written a very good paper on threat modeling.

This paper is written in context of the Security Development Lifecycle used and developed by microsoft

-Abhiz

Powered by ScribeFire.

Saturday, October 11, 2008

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Malware protection over the Cloud by McAfee

Over the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.

They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.

The Project is named Artemis.

“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”
Some other trivia details about Artemis:

* Queries are not sent for every file, just the suspicious ones.
* It will probably be invisible in the consumer products. (It’s a special driver.)
* A query and a response is around 340 bytes.
* It’s checksum/fingerprint independent, too.
* Actionable responses are cryptographically strong.
* Telemetry can be used to prioritize sample processing.
* Today Artemis should gain about 1.5 million new users.

You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.

-Abhiz

Tuesday, October 7, 2008

Ganguly Announced Retirement

This was a decision everyone knew was coming, but no one expected it to come when it eventually did.

Sourav Ganguly [Images] sent shockwaves throughout the country when he announced his decision to call it quits after the upcoming four-Test series against Australia[Images].

The decision, which comes just two days ahead of the high-profile series against Australia, beginning on Thursday, caught everyone by surprise.

"This is going to be my last series, I have decided to quit," he told reporters in Bangalore on Thursday.

"I have told my team mates before coming here that this four-Test series would be my last. I thank everyone for the support they have given me. I hope I will end my career on a winning note," the former India captain added.

Ganguly was a surprise inclusion in the squad for the Australia series after being left out of the Rest of India team for the Irani Trophy match against Delhi [Images].

"Honestly, I didn't expect to be picked for this series," said the left-hand batsman, who aggregated less than 100 runs in the recent series against Sri Lanka [Images].

The 36-year-old Bengal stalwart, who staged a spectacular entry into Tests with a debut ton at Lord's in 1996, made a storming return to the five-day game in South Africa [Images] in late 2006 after losing his place earlier that year.

He amassed over 1100 runs, with 239 his career-best score against Pakistan in Bangalore in late 2007, at a fantastic average of 61.44 last year, which compares very favourably with his career average of 41.74 in 109 Tests.

He was unable to maintain that high in the current year, though he came up with important knocks, like the 87 against the visiting South Africans at Kanpur, that helped India level the three-Test rubber in April.

This, however, was followed by his poor run in Sri Lanka, where his best score was 35 in six innings.

Ganguly is among the few Indians who have played over 100 Tests but has a poor record against Australia, especially at home, where he averages only 27.35 in nine matches, with a best innings of 66

-Abhiz

Powered by ScribeFire.

Saturday, October 4, 2008

Diapose your old IT equipments properly

Check out ebay and there are lots of old Firewalls and other hardware
waiting to be sold. We have seen in the past when old second hand hard
drives were bought on ebay and then data recovery was performed which
did land up giving up a lot of juicy information and many a times
government details were found which was very critical and did raise
data privacy concerns but this same ebay experiment was performed on
other hardware device which was a Cisco VPN box and guess what ? The
device was configured to connect back directly to the previous owners
VPN device without any authentication. the previous owner was none
other than Kirklees council. The new owner had complete access to the
Kirklees Council network which is a big threat concerning the data they
would have stored on file servers.

So friends please make it a
habit to shred the data, wipe disks according to DoD standards and
reset other devices to default configuration so that such blunders
don't happen with your company.

Read the story here

-Abhiz

Powered by ScribeFire.

Phishing Protection in GMail - Red Warning Google

Spam and Phishing attempts can be found in abundance on the internet
and here I got one from alert@google.com which originally seems to be
coming from 193.67.82.17 IP and the hostname of this IP is veronica and
the username is anupam.

So this guy anupam@veronica is an Indian Spammer but anyways the interesting things about the email are :

1) The email was in my spam folder - Good spam detection
2) Phishing attempted detected - SPF is working for me and Google
3) Red Warning label to make me aware that it is a phishing attempt. - New and Nice feature

The
red warning does not show up when you receive a spam email but it shows
up when an email is being forged and to enable the check your domain
must have SPF checking enabled. You can look at my previous post on how
to enable SPF for Google Apps.

You can see the screenshot of the new red warning phishing notification from Google.

It is not of great help to the geeks but of course for the normal human beings it is definitely a good feature.

Powered by ScribeFire.

PCI Standard 1.2 goes live today

Payment Card Industry Security standard today goes live with version
1.2 which some important changes. This revision was based on feedback
from the corporations and it also incorporates some relaxation to the
Security folks on Firewall rules review etc.

There are lot of
speculations and questions when relating to terms and statements used
in the old PCI standard which includes 1.1 and the PCI standard 1.2
tries to clarify the requirements rather than just beating around the
bush and tells the companies what to do and what they expect. For eq.

1) Firewall rules can now be reviewed in 6 months rather than the current 3 months /quarter.
2) Then every Wireless implementation should be with WEP / WPA encryption.
3) Risk based approach to patch management rather than deadline patching.
4) Penetration testing can be done internally no need for external third parties (cost saving).
5) Policy to outline and keep a check on Managed Security Services providers.

The standard can be found at PCI Security Standards Website.

-Abhiz

Powered by ScribeFire.

Monday, September 29, 2008

Smoking Banned from October 2nd

If you're a chain smoker, you're in for some really rough time come October 2nd - the long gestating new rules for the ban of smoking will be implemented on Gandhi Jayanti.

The 'Prohibition of Smoking in Public Places Rules' by the Union health ministry kick starts in October 2 would ban tobacco consumption in all government or private buildings. Sweating over what 'public places' means? Keep sweating, for the list is this - small cafes, restaurants, schools, pubs or discotheques, stadia, airports, hospitals and bus stands.

In you're caught smoking in the above places, you'd have to to shell out Rs 200. And that's just the first few days, because the fine would later be revised to Rs 1,000.

And the public places that allow employees to smoke within their building premises would have to cough up Rs 5,000 per employee caught smoking.

Smokers' only refuge would be the road or parks.

Also, under the new rules, cigarette and bidi packs will feature either a glossy photo of infected human lungs or an X-ray plate of the chest of a cancer-sticken man. Packets of chewing and smokeless tobacco products will flaunt a graphic image of a scorpion that depicts cancer.

Smoking on the road or the park will save others from the wrath of passive smoking. 250-300 million Indians consume some form of tobacco. And around 14.1% of school-going children have started to smoke.

Health minister A Ramadoss said, "Research has shown that smoking would kill 10 lakh people in India annually from 2010. At present, we estimate that 40% of India's health problems stem from tobacco use. So a smoking ban is essential to save India's future. A similar smoke-free policy introduced by England and Scotland last year saw 45,000 people giving up smoking in just 10 months"

We completely agree with Mr Ramadoss. So if you're a smoker and you think Mr Ramadoss is merely blowing smoke, you can expect the Smokeys showing up in your face brandishing Rs 200 chalans as smoking guns.

-Abhiz

Monday, September 15, 2008

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.

-Abhiz

Security Incident Analysis Report

You might be very good at technical skills, you might be the best incident analyst in your organization but if you are not able to deliver your findings or analysis in an effective way to the top folks then all your hard work will be useless.

What matters the most to CXO's when dealing with Incidents:

1) Incident reports
2) Graphs / Pattern
3) High level view of the incident
4) High level view supported by excellent low level incident details
5) Root cause of the incident
6) What went wrong and who should be blamed
7) How to avoid it in future
8) Does this Incident touch compliance requirements.

The CXO's are usually interested in how things have happened and what is the answer they can give when they are asked about the incident that recently happened to the media, to the shareholders and most importantly to their own Bosses.

There are instances when people come up with a 3 page incident report without any format being following, without linking close occurrences of the incident and what lead to such an incident. You can have a look at the incident analysis report from Government of Canada after the Slammer worm was released.

So, when ever you write an incident report make sure you are precise to the point and include all the details with a chain of occurrences and make it effective not just for other technical folks but even for management.
-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Security threats of Biometric E - Passports in India

Mr Pranab Mukherjee, External Affairs Minister of India has declared that E-Passports and Biometric passports will be availiable and issued to general public by september 2009.

This will surely help the government to issue passports quickly but the problem lies in the technology, The Biometric passport experiment by the United States and other countries have already been under the ire of hackers.

It has been proved that the biometric passports have been cloned even while they were lying in the bag of the holder, no need to have the passport in your hand.

The new version of passports were released by British government which said was said to be "FakeProof" even that was not of any use, the FakeProof Passports were cloned in minutes of launch.

If the biometric e-passports launched by India are cloned, it can be misused and that can lead to bad consequences like identity theft, flee from one country to other and sky is limit to do frauds with these cloned passports.

Now with the growing threats of Cybercrime, Hacking incidents from China and other countries, Terrorists using Open Wifi and Governments dependence on technology is not going to be easy.

Indian government needs to think about how they are going to do it and no matter how foolproof and secure the technology is we know it can be breached. There is major challenge for the government in so agressive adoption of technology and with the technology even the law needs to be updated because the IT Act 2000 is quite outdated the recent amendments are not enough to cover the new threats and challenges standing ahead of us.

-Abhiz

Wednesday, September 10, 2008

Top Network Security Test To Business

This report was released targeting SMB's but I would say these threats are very prominent in Big Organizations also. The threats fall into the same category but the only variation is the method of exploitation.


The 10 network security threats can be found below:

10) Insiders
- In many SMBs, business records and customer information is often entrusted to a single person. Without adequate checks and balances, including network system logs and automated reports, data loss from within can stretch over long periods of time.

9) Lack of Contingency Plans - One of the biggest threats to SMBs relates to the business impact of post-hack, intrusion or virus. Many SMBs lack a data loss response policy or disaster recovery plan, leaving their business slow to recover and restart operations.

8) Unchanged Factory Defaults - Hackers publish and maintain exhaustive lists of default logins (username and password) to nearly every networked device, and can easily take control of network resources if the default factory configuration settings are not changed.

7) The Unsecured Home - In many small businesses, employees often take laptops home to work. In an unsecured home network environment, a business laptop can be dangerously exposed to viruses, attacks and malware applications.

6) Reckless Use of Public Networks - A common ruse by attackers is to put up an unsecured wireless access point labelled, "Free Public WiFi" and simply wait for a connection-starved road warrior to connect. With a packet sniffer enabled, an attacker stealthily sees everything the employee types, and is then able to utilize that data for personal gain.

5) Loss of Portable Devices - Much SMB data is compromised every year due to lost laptops, misplaced mobile devices and left behind USB sticks. Although encryption of mobile device data and use of strong passwords would mitigate many of these losses, many SMB users simply fail to secure their mobile devices and data.

4) Compromised Web Servers - Many SMBs host their own websites without adequate protection, leaving their business networks exposed to SQL injections and botnet attacks.

3) Reckless Web Surfing - Now more than ever, malware, spyware, keyloggers and spambots reside in innocuous looking websites. Employees who venture into ostensibly safe sites may be unknowingly exposing their business networks to extreme threats.

2) Malicious HTML E-mail - No longer are attackers sending e-mails with malicious attachments. Today, the threat is hidden in HTML e-mail messages that include links to malicious, booby-trapped sites. A wrong click can easily lead to a drive by download.

1) Unpatched Vulnerabilities Open to Known Exploits - More than 90 percent of automated attacks try to leverage known vulnerabilities. Although patches are issued regularly, a short staffed SMB may likely fail to install the latest application updates and patches to their systems, leaving them vulnerable to an otherwise easily stopped attack.

WatchGuard Technologies has released the above findings..

-Abhiz

Google can be bad for you company - Tech and Security Flaws

An error in Google News index service which is fully automatic and no manual labor is involved in screening it. Caused an error due to which a old news (2002 article) was treated as a latest news item and this was included by a investor news service in their daily news letter which said the United Airlines has filed for bankruptcy. Which was a fear in the minds of the investors due to the history of United Airlines.

The Stock of United Airlines fell 75% from $12.30 to less than $3.

A simple flaw in Google news index service caused a lot of pain not only for the company but even for the traders and investors.

Tip: Google news utilizes the Google Indexing Service which surely will be vulnerable to this current flaw and this can be used by SEO enthusiasts to get good placing in the search engine results.

The way Google is coming up with products which are always full of flaws, never polished and quietly labeled "Beta". Google is causing lot of problems for people. Google uses the Crowd Sourcing mentality in which everyone follows one stupid guy and due to one guy everyone suffers. It feels like a Sweet Poison.

Take recent security flaws discovered in Google :
1) Gmail session key hijacking
2) Recent Google Apps outage - 2 Times
3) Random deletion of emails in Gmail going on from long time
4) The famous Google Chrome Browser which is full of vulnerabilities.
5) Google updates Chrome browser without even asking users if they want to upgrade to the latest version. They install it silently.

It has become a Fashion statement to make fun of Microsoft and abuse Bill Gates but they are getting much better than what they were sometime back.

Google created a hype about Chrome Web Browser but it was ripped apart by Security researchers in no time.

Google should stop being irresponsible and take flaws (Security or Non-Security) very seriously.

Google surely has a lot of talented resources at disposal and they should be put to correct work, 20% time is not always a good idea.

-Abhiz

Sunday, September 7, 2008

Phishing: Security Alerts From HDFC Bank






There was a wave of emails coupled by phishing attacks for ICICI
Bank customers and it has considerable slowed down. Today I saw this
email in my inbox claiming to be from netbanking@hdfcbank.com - Which
says it is a Security Alert that I need to enter my Customer ID and
IPIN so that the technical Crew HDFC can perform a security upgrade.


You can see the actual Email below.

There are many mistakes in this email and I wonder why the AntiSpam didn't pick it up.

1)
The SPF test for this Email Server Fails, It is coming from
208.78.58.98 - host98.xicom58.juch-tech.com, Located in Canada where as
Hdfcbank.com is a different IP altogather.
2) The Link is pointing to http://hdfcsecuredataaccess.agilityhoster.com/ instead of HDFC Bank.
3) AnyBank will not send an email which such poor layout.
4) No Bank will send such an email to its customers to enter their Login details on a website.

This
kind of Phishing attack is nothing new, But looking at the recent
pattern's of growin phishing attacks and web malware there is lot more
of such Phishing scams to come with localised version, specially
targetted for Indians.

First it was ICICI Bank Now its HDFC and soon it might be AXIS or SBI.

Just
play safe, Don't click on any such links in email, your bank will never
ask you to verify your login details or credit card number(They already
have those details).


-Abhiz

Portable Google Chrome Browser Download

Google has unveiled a new browser Google Chrome with lots of features and is available for download - Portable Version

1) Simple UI - They didn't have good resources to do it.
2) Open Source - Candy for Tech Guys
3) Based on WebKit - Similar to Safari which makes chrome faster than IE and Firefox
4) Dynamic Tabs
5) Safe or Privacy mode browsing
6) Uses Less memory - We will see that in the near future when a full fledged version is out.
7) Sandboxed - So that a crash in tab 1 cannot crash the whole browser.

Everything
is right, What Google has done with Chrome is cool but again we cannot
ignore the security issues that will surface against the most advanced
browser :P

There are already Browser Crash issues being report
so there is no way you can say it is going to be a secure browser, I
had a test run but I am still not convinced about it. I will stick with
Firefox 3 for now.

Google wants to move everything to the web
hence they released this browser, this is for their own gain not for
community so anyways their focus will be more on Web Apps rather than
Security.

Google planned to sell Chrome by saying it is
Sandboxed and with full of security integrated but you can see it for
your self by clicking the link below with Chrome.

Click this link with Google Chrome for Magic

You can download the Portable version of Google Chrome from here

Abhiz

Thursday, August 28, 2008

Top 10 Firefox add-ons

Add-ons or extensions are small pieces of software that can add new features or tiny tweaks to your browser. They can add niche search engines, change the look of your browser tool bar, block annoying pop-ups, preview links, organise your browsing history and do much more.

Mozilla Corp, which recently set a world record with Firefox 3, recently held its annual competition that recognises the year's best Firefox add-ons.

This year's contest focused on add-ons that took advantage of its latest open-source browser Firefox 3. Here's listing what Mozilla crowned best Firefox add-ons.

Click Here

-Abhiz

Tuesday, August 19, 2008

Be a Web Security Samurai

We have BackTrack Live CD for Penetration Testers with lots of tools from scanning to gaining root and 0wn a machine, BackTrack already has most of the tools that are needed by PenTesters but there this is a new kid on the block with a Focus on Web Security Testing Live CD named Samurai.This is what the Official Website of Samurai has to say..
"The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.
Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test."---------Looks like they have integrated all web security tools but the problem is how many CD's or USB drives should I carry with me?The problem with Linux is tremendous amount of forks happen within a very short span of time, We have WHAX Penetration Live CD, We have the wonderful Backtrack and now Samurai.Although they are all for different uses why can't just one Live distribution have it all, that is the reason I have created a Live Distribution with the tools that I need, which I carry with me. I know my need and the choice of tools on my Live CD might not be exhaustive like the ones above but I surely have what I need and even if there is something required badly I can always get it off the net while the distribution is running.What do you think ? Is it better to have your own custom distribution or carry many Special Purpose Live CD's with you.

-Abhiz

PCI Compliance Guide from Microsoft

This is a good guide from Microsoft about PCI Compliance and is surely a must read for people who want to know more about PCI or implement PCI Compliance at any level, which is a pushing factor for all the companies who manage their customers credit card data and do financial transactions.Being compliant to a standard like PCI does not mean you are Secure!"The Payment Card Industry Data Security Standard Compliance Planning Guide is designed to help organizations meet Payment Card Industry Data Security Standard (PCI DSS) requirements. Specifically, this guide is targeted to merchants that accept payment cards, financial institutions that process payment card transactions, and service providers—third-party companies that provide payment card processing or data storage services. IT solutions for each of these groups must meet all PCI DSS requirements. The guide is intended to augment The Regulatory Compliance Planning Guide, which introduces a framework-based approach to creating IT controls as part of your efforts to comply with multiple regulations and standards. This guide also describes Microsoft products and technology solutions that you can use to implement a series of IT controls to help meet the PCI DSS requirements, as well as any other regulatory obligations your organization may have." Download the PCI Compliance guide.

-Abhiz

Encryption Toolkit from Google

Google has released an open source cryptographic toolkit "Keyczar" for developers to use it in their applications, it supports authentication and encryption with both symmetric and asymmetric keys.Keyczar currently supports Python and Java implementation but this toolkit is not designed to be used as an replacement for OpenSSL.This toolkit can be used in your web applications to encode the URL and validate on the server by using cipher keys etc.But the challenge for Keyczar is there are many such implementations already availiable for Python, PHP and Microsoft Dotnet. Lets see how much adoption does Keyczar gets and yes even if people don't use it in their self-hosted projects you should be able to use it with AppEngine from Google.

-Abhiz

Another reason to secure your Wifi

Indian police investigating bomb blasts which killed 42 people traced an email claiming responsibility to a Mumbai apartment, they immediately raided the apartment in which a American national was staying.But after through investigation the police came to a conclusion that the American national was not the one who send that email but his Internet Connection was used to pass on the information, He had an Open Wifi connection without any Encryption and the range of the Wifi was accessible at quite good distance.Now the American was not involved but the terrorists used his open wifi connection and sent an email and he got in trouble. This is just another reason you should secure your PC as well as your Internet infrastructure because the moron's are getting smarter. 1) They used open wifi to send an email 2) they used microchips in the bombs that they planted in surat (good that the microchips were faulty and failed).What should people do to secure their Wifi ?1) First log everything at the router level, email the logs periodically to a email address to keep as backup.2) Use Encryption, WEP or WPA - WEP is quite easy to crack so I would recommend using WPA.3) Change default passwords immediately as soon as the technical support guy leaves your house.4) Switch off the router/modem when not in use.5) Monitor your internet bills because a unusual spike is a clear indication of misuse of your internet.6) Configuring MAC Address Filtering in your Modem/router so that only your machine gets connected to internet.7) If you use only 1 machine for Wifi reduce the DHCP address pool lease so that only one machine is connected to the internet at a time, or better of use static IP Address.One more thing i would like to add is the modem/router installation team of the ISP should take the lead and stop people from using Open Wifi and WEP, they should assist them in setting up WPA because its not just hackers or neighbors stealing your wifi connection even the very bad can use it for their bad deeds and you are innocent but can still end up in trouble like the American national.

-Abhiz

Wednesday, August 13, 2008

What's the need for Linux apps on Windows?

As for why you'd want to do this, there are several Linux apps that are much better -- and with more advanced features -- than their Windows counterparts.

Amarok on the desktop (Click for larger).
Amarok on the desktop (Click for larger).

For example, Amarok is a superior alternative to Windows Media Player or iTunes, especially if you ever need to take music off your iPod. Amarok lets you move files in both directions -- onto the iPod and from the iPod onto your desktop, a function that iTunes by itself does not provide. Amarok also has better options for tagging your music than iTunes, and it features integration with Wikipedia and the Last.fm social network.

Web developers and designers could test their pages against Linux browsers like Konqueror or Epiphany. Also, those working in scientific fields probably use a number of Linux-based apps that haven't yet been ported to Windows (and may never be).

Running apps in a faux-native environment will always be easier than dual-booting into a second OS. And aside from the practical concerns, it's just plain cool. Or creepy, depeding on your bias.


-Abhiz