Date: Mon, 10 May 2010 15:21:09 +0530
From: sysman01@mtnl.net.in
Subject: [CCCNews] CCCNews Newsletter - dated 2010 May 10
To: sysman01@mtnl.net.in
May 10, 2010
Editor - Rakesh Goyal (rakesh@sysman.in)
In today's Edition - (This is a news-letter and not a SPAM)
HACKED : Indian Army officer's computer hacked
ARREST : Army Colonel held in Mumbai for uploading child porn
TREND : Complex IM Worm Infects Yahoo! Messenger and Skype Users
NIGHTMARE : 'I live in a world of nightmares,' - French Cyber Expert
IT Term of the day
Quote of the day
* Direct Circulation in 4 Google groups (control-computer-crimes@googlegroups.com and IT-Sec-NSE@googlegroups.com) and 2 more groups
--
You received this message because you are subscribed to the Google Groups "control-computer-crimes" group.
To post to this group, send email to control-computer-crimes@googlegroups.com.
To unsubscribe from this group, send email to control-computer-crimes+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/control-computer-crimes?hl=en.
--Forwarded Message Attachment--
IT and Related Security News Update from
Centre for Research and Prevention of Computer Crimes, India
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)
May 10, 2010
Today�s edition ��
HACKED : Indian Army officer's computer hacked
ARREST : Army Colonel held in Mumbai for uploading child porn
TREND : Complex IM Worm Infects Yahoo! Messenger and Skype Users
NIGHTMARE : �I live in a world of nightmares,� - French Cyber Expert
(Click on heading above to jump to related item. Click on �Top� to be back here)
HACKED : Indian Army officer's computer hacked
Press Trust Of India
May 07, 2010
http://ibnlive.in.com/news/army-officers-computer-hacked-govt/114782-3.html?from=tn
New Delhi: An Army investigation has found that the information e-mailed from a Major�s computer was a case of "cyber security breach" and not espionage, said Defence Minister A K Antony on Friday.
"It is a case of alleged misuse of computer by an officer of the Army. The moment we got information, the government took action and we ordered an inquiry. The Army itself ordered the inquiry, which is still going on," he said in New Delhi.
"One thing is clear, established (that) there is a clear case of breach of cyber security. That is proven beyond doubt."
Antony was replying to questions about the investigation against the officer, who is posted in Andaman and Nicobar Islands and from whose computer critical information was allegedly e-mailed to a Pakistani agent.
Noting that the officer was questioned by the Army and security agencies, Antony said nothing else has been proved so far. "They have not got any proof (on espionage)," he said.
Hacking was a "serious problem" and there were many complaints that computers containing sensitive information in various organisations had been hacked.
"After that, the government as a whole and the Defence Ministry in particular has taken sufficient precautionary steps to prevent this kind of misuse and hacking," he said.
ARREST : Army Colonel held in Mumbai for uploading child porn
Rediff news
May 07, 2010
http://news.rediff.com/report/2010/may/07/child-pornography-army-officer-arrested-in-mumbai.htm
A senior Army officer has been arrested for allegedly uploading obscene photographs and video clips involving children on the Internet, nearly two months after Interpol alerted Indian authorities about the matter.
Lt Colonel Jagmohan Balbir Singh (42), hailing from Punjab and posted in the city, was nabbed from his residence in South Mumbai on Thursday evening. He was on Friday produced before a local court, which remanded him in police custody till May 12, police said.
Singh, who was staying with his wife and two children, has been booked under Section 67 (B) (Punishment for publishing or transmitting of material depicting children in sexually explicit act, etc. in electronic form) of Information Technology Act, they said.
A computer and two hard disks containing hundreds of obscene photographs and video clips have been seized from him, Joint Police Commissioner (Crime) Himanshu Roy told PTI.
While looking for Internet-related offences, German police came across the obscene contents being uploaded on a child pornography site from Mumbai. They brought the issue before Interpol, which informed CBI in Delhi in March 2010, Roy said.
"CBI informed about it to us. We were working on this for the last four weeks and traced the Internet Protocol (IP) to Singh, who is working with the Army's Supply and Transport wing in Colaba, South Mumbai," Roy said.
"We are probing if Singh downloaded the objectionable contents from the Internet or obtained them from someone else. After getting the contents, he uploaded them on a foreign-based child pornography site. He confessed to have indulged in such act for a quite sometime now," he added.
"The children seen in the clips and photographs appear to be aged between three to nine years," Roy said.
Singh, associated with Army for the last 20 years, was posted here two years ago. "We have informed his bosses about the arrest," Roy said.
When Singh was produced in the court, his lawyer Milind Sawant argued that his client's custody was not required, as police had already seized the required evidence.
"Singh is a serving Army officer and a respectable man and would not abscond and fully cooperate with the police," Sawant said.
If the charges are proved, the Army officer may face imprisonment up to seven years and a fine up to Rs 10 lakh.
"Lt Colonel Jagmohan Singh is on study leave at Mumbai since June 2009. Details regarding his arrest are being ascertained from police authorities," Captain M Nambiar, PRO of Ministry of Defence, said.
"A bail application has been moved (in the court) so that the case can be dealt with by the Army authorities," he said.
TREND : Complex IM Worm Infects Yahoo! Messenger and Skype Users
Employs advanced social engineering
By Lucian Constantin, Security News Editor
May 7th, 2010
http://news.softpedia.com/news/Complex-IM-Worm-Infects-Yahoo-Messenger-and-Skype-Users-141588.shtml
Security researchers warn that a new worm is targeting instant messaging users. Spotted on Yahoo! Messenger (YM) and Skype, the attacks use sophisticated social engineering techniques to trick users into infecting themselves.
It certainly looks like IM worms are making a comeback on the threat landscape, as this is the second malware of this kind to emerge in under a week. Just this Monday, the online community was abuzz with news of a worm rapidly spreading through Yahoo! Messenger. The threat was so serious that BitDefender saw fit to release a standalone removal tool.
Security researchers from Vietnamese antivirus vendor Bkis are again amongst the first to report on the new attacks, which, this time, have extended beyond YM and affect Skype too. "Still using the method of inserting malicious URLs into chat windows like [their alias for the worm discovered earlier this week], however, social engineering skill of the Worm, this time, is much more sophisticated than the previous one," they warn.
The messages used to lure potential victims are more enticing and variate with each attack. "Does my new hair style look good? bad? Perfect? ;)" or "My printer is about to be thrown through a window if this pic won't come our right. You see anything wrong with it?" are just two examples. Also, the spammed image URLs end in actual .JPG and point to a RapidShare lookalike website called tinyfilehost.com.
Hitting the download button on the page prompts the download of an archive file called NewPhoto024.JPG.zip. Inside the archive, there is a .COM MS-DOS executable file deceptively called NewPhoto024.JPG_www.tinyfilehost.com, which installs a variant of a backdoor named Tofsee, Flot or Skyhoo, depending on antivirus vendor.
Bkis points out that while Skyhoo installs an IRC botnet client, just as Ymfocard, the new worm is much more complex. For one, it is able to block antivirus software from functioning properly and uses a rootkit component to hide itself. Moreover, it also adds malicious links to any Word and Excel document opened on the computer or any email composed in Outlook. It also infects removable USB drives and creates an autorun.inf file to execute itself.
YM and Skype users are advised to exercise increased caution when choosing to open links received from their friends and, as always, connect to the Internet with a capable and up-to-date antivirus product installed. At the time of writing this article, only 13 out of 41 AV engines on VirusTotal detect the .COM file as being infected.
NIGHTMARE : �I live in a world of nightmares,� - French Cyber Expert
by Michael Cheek
May 6, 2010
International cybersecurity experts recently discussed ways to promote international cooperation on cybersecurity issues at the Worldwide Cybersecurity Summit held in Texas. The experts also raised their concerns regarding the possibility of a catastrophic event that could cause significant damage to computer networks.
�I live in a world of nightmares,�� said Patrick Pailloux, director general of France�s Network and Information Security Agency. �My biggest nightmare is that we don�t have enough time to prepare us for the nightmares.�
�Each subject is a nightmare: electricity, power grids, transportation, airplanes, water supply, finance, the banking system, the health system,� Pailloux said.
Howard Schmidt, the current Cybersecurity Coordinator at the White House, said that his nightmare scenario would involve a loss of communications.
�You have some kind of a physical event � whether it�s a natural disaster, whether it�s a direct attack � and you somehow because of a cyber insecurity do not have an ability to communicate or direct emergency response,� Schmidt said. �As far as a single incident that could take place that�s probably the one I worry about the most.�
Melissa Hathaway, who led the Cyberspace Policy Review, believes that the energy sector in the U.S. is particularly vulnerable.
�The energy sector is really the Achilles heel of every nation and every business and every citizen,� Hathaway said.
New IT Term of the day
ESRB
Abbreviation for Entertainment Software Rating Board.
The Entertainment Software Rating Board (ESRB) is a self-regulatory body for the interactive entertainment software industry established in 1994 by the Entertainment Software Association (ESA). ESRB independently applies and enforces ratings, advertising guidelines, and online privacy principles adopted by the computer and video game industry. Since 1994 the ESRB has rated more than 10,000 games and 400 online games.
ESRB Rating Guide:
EC - Early Childhood have content that may be suitable for ages 3 and older. Contains no material that parents would find inappropriate.
T - Teen have content that may be suitable for persons ages 13 and older. May contain violent content, mild or strong language, and/or suggestive themes.
AO - Adults Only have content suitable only for adults. Titles in this category may include graphic depictions of sex and/or violence. Adult Only products are not intended for persons under the age of 18.
E - Everyone have content that may be suitable for persons ages 6 and older. Titles in this category may contain minimal violence, some comic mischief and/or mild language.
M - Mature have content that may be suitable for persons ages 17 and older. Titles in this category may contain mature sexual themes, more intense violence and/or strong language.
RP - Rating Pending have been submitted to the ESRB and are awaiting final rating.
Thou shalt not be a victim.
Thou shalt not be a perpetrator.
Above all, thou shalt not be a bystander
Holocaust Museum, Washington DC
Note -
- As a member of this group, you get useful information to protect yourself and your IT assets and processes from various Computer and Related Crimes.
- If you think that your other friends/colleagues/acquaintances/relatives/foes/enemies also needs this information, forward the mail to them and request them to send their e-mail addresses and names to us with subject as "Subscribe".
- If you or someone has become victim of Computer Crimes or has any query on prevention, you are welcome to write to us.
- If you are not interested in it and would like to unsubscribe - send a reply mail with subject as "Unsubscribe".
- Disclaimer - We have taken due care to research and present these news-items to you. Though we've spent a great deal of time researching these matters, some details may be wrong. If you use any of these items, you are using at your risk and cost. You are required to verify and validate before any usage. Most of these need expert help / assistance to use / implement. For any error or loss or liability due to what-so-ever reason, CRPCC and/or Sysman Computers (P) Ltd. and/or any associated person / entity will not be responsible.
The battle for the FIH Hockey World Cup Drag n' drop
No comments:
Post a Comment