tag:blogger.com,1999:blog-30656601613282404772024-03-18T21:11:48.306-07:00Tech TalkAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.comBlogger1523125tag:blogger.com,1999:blog-3065660161328240477.post-90749998752376026822008-12-11T09:44:00.000-08:002009-01-19T07:41:31.017-08:00MS Ireland blocks redirection 'hack' - eventually<div xmlns='http://www.w3.org/1999/xhtml'><div id='body'><br /><p>Surfers attempting to visit Microsoft's Irish website via<br />Microsoft.ie on Tuesday morning were greeted with a defaced page<br />instead.</p><br /><br /><p>Hackers sprayed digital graffiti bragging that Microsoft Ireland had<br />been hacked by the previously unknown "Terrorist crew". The message,<br />which contains greetings to other hackers, as is the custom with<br />defaced websites, did not arise through a direct attack on Microsoft's<br />site itself.</p><br /><div class='CaptionedImage Right Float'><br /><img height='313' width='425' alt='' src='http://regmedia.co.uk/2008/12/09/ms_ie.jpg'/><p>MS Ireland redirection graffiti</p><br /></div><br /><br /><p>Rather, the miscreants succeeded in somehow re-routing the redirection page from Microsoft.ie to the main site.</p><br /><br /><p>Microsoft fixed the issue, which existed for a few hours, this<br />morning. The software giant promised to improved its security to<br />prevent a repetition of the incident.</p><br /><br /><p>"There was no issue with the Microsoft Ireland website, however<br />there was a security incident with one of the re-directs from the<br />'Microsoft.ie' domain to 'Microsoft.com/Ireland' which is hosted by a<br />third party," a Microsoft Ireland spokesman explained.</p><br /><br /><p>"We resolved the re-direct issue very quickly and the Microsoft<br />Ireland site (and other Microsoft sites) were not affected by this<br />incident. We take these incidents very seriously and we are working<br />with the third party to ensure this issue isn't repeated. We have also<br />informed the relevant authorities," he added. ®</p><p>-abhiz<br/></p><br /></div><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-81261500780248339112008-12-01T08:16:00.000-08:002009-01-19T07:41:31.042-08:00Information Security Blog by Abhishek Amralkar: Pakistan Says Cyber Terrorist will be hanged<a href="http://mixbloggy.blogspot.com/2008/11/pakistan-says-cyber-terrorist-will-be.html">Information Security Blog by Abhishek Amralkar: Pakistan Says Cyber Terrorist will be hanged</a>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-48664952875316867762008-12-01T07:46:00.000-08:002009-01-19T07:41:31.067-08:00India v/s Pakistan - Just more than cyberwar ?Indian and Pakistani Hackers having been <a href="http://timesofindia.indiatimes.com/Hyderabad/Hackers_deface_CID_website/articleshow/3762088.cms">playing this game </a>from quite sometime now, hacking into the websites of the other country. Indian hackers hacked into Oil and Gas Regulatory Authority’s and Pakistan hackers replied back by hacking into ONGC and AndraPradesh CID website.<br /><br />I am really very upset with what has happened in mumbai and there is a limit to everything. I recall even during the Kargil war while the army battled in kargil, hackers hacked the other countries website. I am not sure if the situation is same or not but I want the bastards to justify their acts and they should be punished even if India has to take drastic steps so be it.Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-355316489437376032008-12-01T07:44:00.000-08:002009-01-19T07:41:31.084-08:00When Genuine Company Spams - SatGuide GPS Navigation<p>SatGuide is a product based company that sells GPS solutions, including Personal Navigation systems, Navigation kits for Laptops and Cell Phones.<br />And now I have received lot of spam from them to buy their product and in the email they said I requested the brouchers of their products at some mall which I know I never did and I use different emails for different reason so that tells me from where they got that email address. (I would love to pursue the bastard company that sold my email address to this freaking people).<br /><br />Now I request all the people around in India or abroad whereever this company is selling its products please don't buy their products as they might have some product but Spamming is bloody not allowed for any reason and even if you still want to buy go and search about their products which will tell you not to buy anything from them. one of the many bad experience can be found at <a href="https://www.team-bhp.com/forum/gadgets-computers-software/33518-satnav-technologies-satguide-stay-away.html">team-bhp.com</a><br /><br />Infact I would say go for MapMyIndia <a href="http://www.mapmyindia.com/navigator/">Navigator</a> which is much better.<br />These are some of the links you might want to block at your company level<br />www.a-mantra.com<br />www.roadsofindia.com<br />www.satnavtechnologies.com<br />http://www.satguide.in<br />--<br /><br />I understand the economic conditions are bad, companies are feeling the heat due to drop in sales and demand but this does not mean you can SPAM people. I requested to be removed from their email list 3 times but still nothing happened but now they are adding me to Yahoo Groups so that they can constantly spam me which is very irritating as I don't like their F**king product.<br /></p><p><br /></p><p>-Abhiz<br /></p>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-5060702966812905912008-11-27T04:40:00.000-08:002009-01-19T07:41:31.104-08:00ATS Chief dies a Hero's Death<div xmlns='http://www.w3.org/1999/xhtml'><font class='StoryBodyText'>Mumbai, Nov 27 (PTI) He wore a helmet,<br />talked on his cellphone and finally put on a bullet-proof jacket before<br />he met his deathly fate in the country's biggest terror seize.<br/><br />Maharashtra Anti-Terrorism Squad (ATS) chief Hemant Karkare, who was<br />probing the Malegaon blasts case, suffered three bullet injuries in his<br />chest as he was leading the offensive against the terrorists in one of<br />the places the ultras had holed out early this morning.<br/><br /><br/> The last television visuals of the 54-year-old officer showed him<br />in a light blue shirt and dark trousers surrounded by uniformed<br />policemen armed with firearms and walkie-talkies.<br/><br /><br/> Karkare, a 1982 batch IPS officer, became the head of ATS in<br />January this year following his return to the state cadre after serving<br />seven years in Research and Analysis Wing (RAW) in Austria.<br/><br /><br/> One of the brightest officers, Karkare had solved the serial bomb<br />blasts in Thane, Vashi and Panvel and was also credited for the<br />stunning revelations in the investigation of the September 29 blast in<br />Malegaon. He is known for his discipline and fair investigation.<br/><br /><br/> During the Malegaon investigation, Karkare had told his officers<br />not to create false evidence, saying, "We should do our job and it is<br />for the court to decide." Incidentally, the Pune ATS on November 26<br />reportedly received phone calls threatening to blow up the residence of<br />Karkare "within a couple of days".<br/><br /><br/> In his last interview to a television channel yesterday, he<br />referred to getting the custody of Malegaon blast accused Sadhvi Pragya<br />Singh Thakur, and said "police custody would have helped investigations<br />to proceed faster but still we will see how best to deal with it in a<br />legal way". <br/><br/>My Salute to the great man<br/><br/>-Abhiz<br/></font><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-8607029287437106242008-11-09T04:11:00.000-08:002009-01-19T07:41:31.137-08:00Pakistan Says Cyber Terrorist will be hanged<div xmlns='http://www.w3.org/1999/xhtml'><em><span style='font-size: 85%;'>"Pakistani president Asif Ali Zardari<br />signed a law making cyber terror a crime "punishable with death."<br />Executions will only be allowed if the hack attack "causes [the] death<br />of any person," the Prevention of Electronic Crimes law states."</span></em><br/><br/>Cybercriminals<br />are always in news over new malware, vulnerabilities, ID Theft or<br />Credit Card Theft. We have enough proof that even terrorists use<br />internet a lot because they can hide anywhere in the world and<br />communicate whatever they want to with each other. For. eq. recent bomb<br />blasts in ahmedabad terrorists sent an email from an Open Wifi<br />connection in mumbai and dared the indian government to stop them and<br />there is very little government can do about in such scenario. But the<br />best way is to react back and hit so hard at such bastards that nobody<br />ever dares to do something like this, government should make sure that<br />they are scared to death even in the dreams. Pakistan got a law in<br />place as now that anybody who causes death by electronic means will be<br />punishable by death, the maximum punishment in India for a Hacker is 3<br />years and in United States around 20 years and I am not aware of<br />anybody staying behind the bars for that long.<br/><br/>This move from <a href='http://blog.wired.com/defense/2008/11/cyber-terror.html'>Pakistan</a><br />was a real shocker but it is welcome as we have seen lot of cyber<br />fights happening and the recent increase in terrorists activity.<br/><br/>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-75785386963926419582008-11-07T06:18:00.000-08:002009-01-19T07:41:31.154-08:00Best way to recover Encryption keys or Passwords from Suspects during Digital Forensics Investigation<h2 style="font-weight: bold;" class="post-title entry-title"> <span style="font-family: arial;">This is a bit unusual but a very effective way to recover encryption keys or password from a suspect. Does not matter what crime the person has done, Child Porn, Credit Card Theft, Financial Fraud or virtually anything online.<span style="font-weight: normal;">The fraudsters are becoming smart and use multiple ways to hide data and conceal tracks and sometimes it becomes difficult the recover encryption keys from the hard drive or RAM then what do you do ? Beat the shit out of the suspect and let him spit out the Encryption keys and Passwords. This method is very popular in India but not in other coutries like USA, UK,etc.</span></span><br /></h2><span style="font-weight: bold;">But it is a very effective solution, This was recently done by </span><a style="font-weight: bold;" href="news.cnet.com/8301-13739_3-10069776-46.html">Turkish Police</a><span style="font-weight: bold;"> and they got all the details from the suspect like encryption keys and passwords, Now the next step is just to get the data out and submit in the court of law. </span>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-57764048635117562642008-10-31T11:12:00.000-07:002009-01-19T07:41:31.169-08:00Piratebay talk - How to dismantle a multi-billion dollar industry<span class="Apple-style-span" style="color: rgb(116, 114, 114); font-family: Arial; font-size: 13px; line-height: 20px; ">I was at HackInTheBox 2008 Conference and attended the talk from Piratebay guys and they talked about their experience about going to prison, fighting with cops, getting into legal problems and how people supported them so well.. I suggest you see this full video, it was awesome because they said screw you to everybody who came to bother them and they are up, running and growing so fast.</span><div><span class="Apple-style-span" style="color: rgb(116, 114, 114); font-family: Arial; font-size: 13px; line-height: 20px;"><br /></span></div><div><span class="Apple-style-span" style="color: rgb(116, 114, 114); font-family: Arial; font-size: 13px; line-height: 20px; "><span class="Apple-style-span" style="color: rgb(0, 0, 0); font-family: Tahoma; line-height: normal; white-space: pre; "><object id="bplayer" classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="320" height="276"><embed name="bplayer" src="http://bambuser.com/r/player.swf" type="application/x-shockwave-flash" flashvars="username=l33tdawg&context=external" width="320" height="276" allowfullscreen="true"></embed><param name="movie" value="http://bambuser.com/r/player.swf"></param><param name="flashvars" value="username=l33tdawg&context=external"></param><param name="allowfullscreen" value="true"></param></object></span><br /><br />Piratebay rocks!!!</span><div><span class="Apple-style-span" style="color: rgb(116, 114, 114); font-family: Arial; font-size: 13px; line-height: 20px;"><br /></span></div><div><span class="Apple-style-span" style="color: rgb(116, 114, 114); font-family: Arial; font-size: 13px; line-height: 20px;">-Abhiz</span></div></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-48736489458677036732008-10-19T11:49:00.000-07:002009-01-19T07:41:31.187-08:00Seminar on privacy and data protection in Cyber Space<div xmlns='http://www.w3.org/1999/xhtml'>I attended the Seminar on Privacy Rights and Data protection in Cyber<br />Space yesterday at KLE Law College in Bangalore, The seminar was<br />organized by KILPAR and DSFI in association with KLE Society, Law<br />College, Bangalore.<br/><br/>The Seminar was about the new bill that is<br />going to be debated in the Indian Parliament about Privacy Rights and<br />Protection of Data. There were some really cool presentations on the<br />topic both technical as well as Law side. I gave a small presentation<br />about Privacy Incidents happening around in the real life and How<br />important it is to have a law that governs the rights of Indians. My<br />Presentation will be up at their website soon.<br/><br/>This was a<br />wonderful experience as even top lawyers were present to debate and<br />discuss their issues and points of conflicts in the current bill which<br />needs to be addressed. The great thing about this seminar was the<br />points of concerns being discussed will be forwarded to the government<br />which will help them to make appropriate amendments.<br/><br/>Oh yes, 17th October 2008 is also the Digital Society Day :)<br/><br/>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-33442129923846071932008-10-19T11:48:00.000-07:002009-01-19T07:41:31.209-08:00Wireless Security still lacking in mumbai, Survey Report<div xmlns='http://www.w3.org/1999/xhtml'>Deloitte has done a <a href='http://www.indiainfoline.com/news/innernews.asp?storyId=81317'>survey of Wireless devices</a><br />in Mumbai and wow the results are still alarming for the law<br />enforcement agencies even after the shocking terror activities. People<br />are just not willing to secure their wireless devices with WEP or WPA.<br/><br/><span style='font-weight: bold;'>The key findings for the survey are:</span><br/>1) Of the 6729 wireless networks seen, 36% appeared to be unprotected i.e. without any encryption,<br/>2) 52% were using low level of protection i.e. Wired Equivalent Privacy (WEP) encryption.<br/>3) Balance 12% were using the more secure Wi-Fi Protected Access (WPA).<br/>4) This makes 88 % of the observed wireless networks relatively easy to compromise.<br/><br/>There<br />is a lot more to be done in mumbai because I remember going wardriving<br />around the city a few years back and got so many open wireless<br />connections that there was no need to buy internet connection at home<br />just sit in the car and do your stuff.<br/><br/>This is surely a<br />challenge for the law enforcement agencies, The ISP's should educate<br />users to secure their Wifi connections and there has to be a regular<br />audit from the ISP side to make sure the wireless devices in their<br />networks are using some sort of authentication. We can always argue<br />that even WEP can be cracked in a few hours and the same holds true for<br />WPA and WPA/2 which was recently cracked up to the speed boost of<br />10,000 times with the use of Nvidia Graphics card.<br/><br/>It is a<br />challenge to make all the wifi owners to fix their wireless devices but<br />with the proper help from ISP it should become easier but it is a task<br />government needs to take up.<br/><br/>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-24598620368611794802008-10-19T11:44:00.000-07:002009-01-19T07:41:31.227-08:00AntiVirus, IDS's all are prone to False Positives - AVG, Dragon and Snort<div xmlns='http://www.w3.org/1999/xhtml'><font face='arial'>Today one of my machine with AVG Antivirus started to flash some popups<br />in quick succession and it was telling me that a few threats were<br />detected while they are trying to execute. it was Zone Alarm firewall<br />starting up during windows boot.<br/><br/>I knew there should be an<br />update to fix it and updated my AVG signatures immediately and those<br />popups stopped and Zone Alarm started, so that machine was again<br />protected. But I didn't like a few things that happened, AVG completely<br />stopped zonealarm from running so during the time updated AV signatures<br />were downloaded and installed my machine was unprotected. Again ideally<br />Firewall should have a priority over antivirus but the other way is<br />happening and very important when AVG is not allowing zonealarm to<br />start it should stop internet but thats an overkill.<br/><br/><span style='font-weight: bold;'>More False Positives in IDS's</span><br/><br/>Writing<br />about AntiVirus false positives reminds me of IDS's which are one<br />biggest source of false positives. There is a larger problem with IDS<br />regarding False Positives, I have worked on multiple IDS's and SIM<br />products and it all the same.. everything is full of false positive.<br />for eq. Dragon IDS detects "uname" as a potential attack even when it<br />is running against a windows machine. Infact at one instace one of the<br />user was visiting wayn.com and orkut.com and just for the reason that<br />the developers of these websites used "uname" as username parameter in<br />the HTML that used to download when a user visits these two websites<br />and wow Dragon started to flash attack all over the place but it was<br />just a browsing activity.<br/><br/>I have worked on Multiple ID's and<br />Dragon is one IDS which I never want to work with, there is so much<br />tweaking to be done to supress false positives. Enterasys Dragon needs<br />to improve alot. Maybe till then you can try opensource snort or better<br />off SourceFire which has cool RNA and Defense Centre.<br/><br/>-Abhiz<br/></font><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-56132894885218741732008-10-19T11:41:00.000-07:002009-01-19T07:41:31.247-08:00PAPER on Threat Modeling<div xmlns='http://www.w3.org/1999/xhtml'>Adam Shostack from Microsoft has written a very good paper on <a href='http://blogs.msdn.com/sdl/attachment/8991806.ashx'>threat modeling. </a><br/><br/>This paper is written in context of the Security Development Lifecycle used and developed by microsoft<br/><br/>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-20444444504671523792008-10-11T06:27:00.009-07:002009-01-19T07:41:30.606-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-75070141506155752752008-10-11T06:27:00.008-07:002009-01-19T07:41:27.150-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-66058518891956113462008-10-11T06:27:00.007-07:002009-01-19T07:41:22.785-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-39812962794893270252008-10-11T06:27:00.006-07:002009-01-19T07:41:19.588-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-61990330417859436712008-10-11T06:27:00.005-07:002009-01-19T07:41:16.250-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-29391852722469487312008-10-11T06:27:00.004-07:002009-01-19T07:41:13.334-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-60571927168020671692008-10-11T06:27:00.003-07:002009-01-19T07:41:09.546-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-64177451346914709852008-10-11T06:27:00.002-07:002009-01-19T07:41:07.012-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-46653087406454840502008-10-11T06:27:00.001-07:002009-01-19T07:41:04.636-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-38375093800413342752008-10-11T06:27:00.000-07:002009-01-19T07:41:02.435-08:00Malware protection over the Cloud by McAfeeOver the Cloud Malware scanning is first from a security company, the credit goes to McAfee, They have been pushing quite hard to get to the top position in the security space and I am pretty much sure they are the first ones to get malware detection over the cloud.<br /><br />They talked about the over the cloud malware detection a few months back but wow they have delivered it, its out there now.<br /><br />The Project is named Artemis.<br /><br />“One of the things Artemis provides to researchers is very clear telemetry on active malware campaigns, and I want to share a few interesting examples. All the “measles maps” below show a one-day period and were all taken at the same time earlier today.”<br />Some other trivia details about Artemis:<br /><br /> * Queries are not sent for every file, just the suspicious ones.<br /> * It will probably be invisible in the consumer products. (It’s a special driver.)<br /> * A query and a response is around 340 bytes.<br /> * It’s checksum/fingerprint independent, too.<br /> * Actionable responses are cryptographically strong.<br /> * Telemetry can be used to prioritize sample processing.<br /> * Today Artemis should gain about 1.5 million new users.<br /><br />You can find the blog posting McAfee Security Insights blog and Project Artemis can be found here.<br /><br />-AbhizAbhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-34568646673497832892008-10-07T09:29:00.000-07:002009-01-19T07:41:31.268-08:00Ganguly Announced Retirement<div xmlns='http://www.w3.org/1999/xhtml'><span style='border-collapse: separate; color: rgb(37, 37, 37); font-family: arial; font-size: 12px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px;' class='Apple-style-span'><p><font face='Arial' size='2'>This was a decision everyone knew was coming, but no one expected it to come when it eventually did.</font></p><p><font face='Arial' size='2'>Sourav Ganguly<span class='Apple-converted-space'> </span><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>[</font><a style='text-decoration: none;' target='_new' href='http://search.rediff.com/imgsrch/default.php?MT=sourav%20ganguly'><font style='font-family: verdana; font-size: 10px;'>Images</font></a><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>]</font><span class='Apple-converted-space'> </span>sent shockwaves throughout the country when he announced his decision to call it quits after the upcoming four-Test series against Australia<font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>[</font><a style='text-decoration: none;' target='_new' href='http://search.rediff.com/imgsrch/default.php?MT=australia'><font style='font-family: verdana; font-size: 10px;'>Images</font></a><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>]</font>.</font></p><p><font face='Arial' size='2'>The decision, which comes just two days ahead of the high-profile series against Australia, beginning on Thursday, caught everyone by surprise.</font></p><ul><li><a style='text-decoration: none;' href='http://www.rediff.com/cricket/2008/oct/03stats.htm' class=''><strong><font face='Arial' size='2'>Ganguly has poor record against Australia</font></strong></a></li></ul><p><font face='Arial' size='2'>"This is going to be my last series, I have decided to quit," he told reporters in Bangalore on Thursday.</font></p><p><font face='Arial' size='2'>"I have told my team mates before coming here that this four-Test series would be my last. I thank everyone for the support they have given me. I hope I will end my career on a winning note," the former India captain added.</font></p><ul><li><a style='text-decoration: none;' href='http://www.rediff.com/cricket/2008/sep/09stats.htm' class=''><strong><font face='Arial' size='2'>Ganguly best, but no place in Rest</font></strong></a></li></ul><p><font face='Arial' size='2'>Ganguly was a surprise inclusion in the squad for the Australia series after being left out of the Rest of India team for the Irani Trophy match against Delhi<span class='Apple-converted-space'> </span><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>[</font><a style='text-decoration: none;' target='_new' href='http://search.rediff.com/imgsrch/default.php?MT=delhi'><font style='font-family: verdana; font-size: 10px;'>Images</font></a><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>]</font>.</font></p><p><font face='Arial' size='2'>"Honestly, I didn't expect to be picked for this series," said the left-hand batsman, who aggregated less than 100 runs in the recent series against Sri Lanka<span class='Apple-converted-space'> </span><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>[</font><a style='text-decoration: none;' target='_new' href='http://search.rediff.com/imgsrch/default.php?MT=sri%20lanka'><font style='font-family: verdana; font-size: 10px;'>Images</font></a><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>]</font>.</font></p><p><font face='Arial' size='2'>The 36-year-old Bengal stalwart, who staged a spectacular entry into Tests with a debut ton at Lord's in 1996, made a storming return to the five-day game in South Africa<span class='Apple-converted-space'> </span><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>[</font><a style='text-decoration: none;' target='_new' href='http://search.rediff.com/imgsrch/default.php?MT=south%20africa'><font style='font-family: verdana; font-size: 10px;'>Images</font></a><font style='font-family: verdana; font-size: 10px; color: rgb(117, 117, 119);'>]</font><span class='Apple-converted-space'> </span>in late 2006 after losing his place earlier that year.</font></p><p><font face='Arial' size='2'>He amassed over 1100 runs, with 239 his career-best score against Pakistan in Bangalore in late 2007, at a fantastic average of 61.44 last year, which compares very favourably with his career average of 41.74 in 109 Tests.</font></p><p><font face='Arial' size='2'>He was unable to maintain that high in the current year, though he came up with important knocks, like the 87 against the visiting South Africans at Kanpur, that helped India level the three-Test rubber in April.</font></p><p><font face='Arial' size='2'>This, however, was followed by his poor run in Sri Lanka, where his best score was 35 in six innings.</font></p><p><font face='Arial' size='2'>Ganguly is among the few Indians who have played over 100 Tests but has a poor record against Australia, especially at home, where he averages only 27.35 in nine matches, with a best innings of 66</font></p></span>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-70146350393259724712008-10-04T11:07:00.000-07:002009-01-19T07:41:31.285-08:00Diapose your old IT equipments properly<div xmlns='http://www.w3.org/1999/xhtml'>Check out ebay and there are lots of old Firewalls and other hardware<br />waiting to be sold. We have seen in the past when old second hand hard<br />drives were bought on ebay and then data recovery was performed which<br />did land up giving up a lot of juicy information and many a times<br />government details were found which was very critical and did raise<br />data privacy concerns but this same ebay experiment was performed on<br />other hardware device which was a Cisco VPN box and guess what ? The<br />device was configured to connect back directly to the previous owners<br />VPN device without any authentication. the previous owner was none<br />other than Kirklees council. The new owner had complete access to the<br />Kirklees Council network which is a big threat concerning the data they<br />would have stored on file servers.<br/><br/>So friends please make it a<br />habit to shred the data, wipe disks according to DoD standards and<br />reset other devices to default configuration so that such blunders<br />don't happen with your company.<br/><br/>Read the <a href='http://news.bbc.co.uk/2/hi/technology/7635622.stm'>story here</a><br/><br/>-Abhiz<br/><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0tag:blogger.com,1999:blog-3065660161328240477.post-53383140711283908442008-10-04T11:06:00.000-07:002009-01-19T07:41:31.313-08:00Phishing Protection in GMail - Red Warning Google<div xmlns='http://www.w3.org/1999/xhtml'>Spam and Phishing attempts can be found in abundance on the internet<br/>and here I got one from alert@google.com which originally seems to be<br/>coming from 193.67.82.17 IP and the hostname of this IP is veronica and<br/>the username is anupam.<br/><br/>So this guy anupam@veronica is an Indian Spammer but anyways the interesting things about the email are :<br/><br/>1) The email was in my spam folder - Good spam detection<br/>2) Phishing attempted detected - SPF is working for me and Google<br/>3) Red Warning label to make me aware that it is a phishing attempt. - New and Nice feature<br/><br/>The<br/>red warning does not show up when you receive a spam email but it shows<br/>up when an email is being forged and to enable the check your domain<br/>must have SPF checking enabled. You can look at my previous post on how<br/>to enable SPF for Google Apps.<br/><br/>You can see the screenshot of the new red warning phishing notification from Google.<br/><br/>It is not of great help to the geeks but of course for the normal human beings it is definitely a good feature.<br/><br/><a href='http://3.bp.blogspot.com/_WBx9s8CXdeA/SNkwy35ooEI/AAAAAAAAAqM/EyPgNP5i6YQ/s1600-h/Google+adwords+phishing.jpg' onblur='try {parent.deselectBloggerImageGracefully();} catch(e) {}'><img border='0' id='BLOGGER_PHOTO_ID_5249280491234304066' alt='' src='http://3.bp.blogspot.com/_WBx9s8CXdeA/SNkwy35ooEI/AAAAAAAAAqM/EyPgNP5i6YQ/s400/Google+adwords+phishing.jpg' style='margin: 0px auto 10px; display: block; text-align: center; cursor: pointer;'/></a><p class='scribefire-powered'>Powered by <a href='http://www.scribefire.com/'>ScribeFire</a>.</p></div>Abhizhttp://www.blogger.com/profile/16736298656356071129noreply@blogger.com0