<$BlogDateHeaderDate$>
Is someone listening in on your calls?
| Do you believe your phone line is secure? Do you believe that no one is listening in on your calls? Do you think that your phone's data, all of your contacts, messages, and photos are safe and that your internet browsing is secure? If you do, maybe you should think again. In a Middle East first, a globally acknowledged security expert will be speaking at the region's only dedicated network security conference, HITBSecConf, about how GSM encryption can be cracked in as little as 30 seconds using technology widely available today, or in 30 minutes through the use of equipment worth only $1,000. Presented by renowned network security specialist and privacy advocate Skyper, the audience will be treated to a unique look at how the security, technology, and protocols of a GSM network operate. Skyper will also detail how to build a GSM scanner for less that $1000, as well as future threats to tomorrow's GSM networks. |
MEA servers hacked, China hand suspected
| The computer network within the Ministry of External Affairs has been broken into, allegedly by Chinese hackers, government sources told Hindustan Times on Thursday. India’s relations with China are delicately poised with the Tibet issue gaining centre-stage internationally, but the alleged hacking predates the current crisis, the sources added. Officially, the MEA refused to either deny or confirm the reports. The hackers broke into MEA’s internal communications network, possibly accessing e-mails through which officials communicate policy and decisions across the ministry’s offices in India and in our foreign missions. |
Bahrain ministry servers hacked
| Hackers have been targeting the servers of the computer network of the external affairs ministry from time to time, but there has been no breach of classified information, official sources said yesterday. The government has traced a recent hacking of the ministry’s computer network to some Chinese IP addresses, but is not sure about the antecedents of hackers or whether they have any links with the Chinese government, the source here said. “There is nothing new in it. It’s been going on for the last five years, but as the government has put safeguards in place no sensitive information has leaked out,” the source added. “Not all of the hackers are Chinese. Some IP addresses were also traced to Americans and Europeans,” he said. The ministry routinely conducts audit of the safety of its computer network to prevent hackers from succeeding. |
Students hack into school computer system in western New York
| Authorities say several current and former students broke into a school districtÂ’s computer system in western New York last month and copied secure files that included the personal information of employees. The computer breach by Williamsville North High School students marks the third incident in the past month. Students in the Grand Island and West Seneca districts have been charged with unauthorized computer use. Amherst Police Chief John Askey tells the Buffalo News that students overrode the security defenses of a classroom computer at Williamsville North and went trolling for information. |
China hackers breach foreign office
| The foreign ministry’s computer networks have been broken into and telltale tracks are pointing to the hand of Chinese hackers. Government sources said the “worrisome security breaches” uncovered during an audit last month had shown that the prime targets were systems of officials handling sensitive communication from Indian missions abroad. The hackers may already have accessed mission plans and policy-related exchanges, the sources cautioned. “More than anything else, what should ring in caution is that there have been breaches, including of some government sites maintained by the National Informatics Centre, in the recent past,” a source said. |
RSA conference shown how web page can take over your router
| Security researchers will demonstrate how a web page can be armed to take control of network routers at today's RSA security conference. Researcher Dan Kaminsky will show how browser flaws can be used to get hackers past corporate firewalls by compromising the Internet's Domain Name System (DNS). At the root of web security is the same origin policy - where web pages run within a sandbox and are prevented from infecting other web pages. This allows most network equipment to communicate with each other only if they come from the same host name. "But one name can be mapped via DNS to many IP addresses, some local and others not. The effect? You come to my webpage, and I can establish a VPN onto your LAN. And that's only the beginning," said Kaminsky. |
The wisdom of white hats
| When cops come up with a brilliant plan to catch more criminals, you can bet your last dollar that some criminals have already figured a way around it. Enterprise security is not that very different. Consider this. Recently researchers unearthed what could be the biggest botnet ever. The core software, called Kraken, is believed to have infected 400,000 machines already and this number is set to rise to 600,000 in the next two weeks. With a code that morphs, Kraken has managed to evade conventional security systems - such as IDSs, IPSs and firewalls - and infected machines in nearly 50 of Fortune 500 companies. What's scarier is that, according to initial estimates, only around 20% of anti-virus programs have been able to detect it. |
Romanian hackers attempted to fool thousands of managers of US financial institutions
| Some 20,000 key-employees of American financial institutions received on Monday morning e-mails sent by a group of Romanians who attempted to find out confidential data that might have been used to obtain financial benefits, Washington Post reads. The newspaper notes that this attack was different due to the large number of people who took the bait. The messages addressed each executive by name, and included their phone number and the name of their company. "Recipients who clicked the link were brought to a Web page that claimed they needed to install a Web browser add-on in order to view the subpoena. Those who agreed were shown an Adobe PDF document that referenced a lawsuit filed in a California district court.
|
Get Your Mac Clone While You Can
| There's a scene late in the film GoodFellas where a young would-be wiseguy named Spider (Michael Imperioli) tells off the violent gangster Tommy DeVito (Joe Pesci), earning him a round of "ooooooo" reactions from the assembled poker players for showing some nerve, only to end up with a half dozen bullets in him a second later. Psystar, Spider. Spider, Psystar. (try saying that out loud) Psystar looks like your average PC hardware reseller, except it also has the brass to sell white box PCs with Mac OS X installed under the Open Computing and OpenPro brand names. They were originally calling the PCs "OpenMac" but changed the name. |
Ideas bank in the making
| The Government wants an institution dedicated to the generation of ideas and products in the areas of science and technology. Minister of Science, Technology and Innovation (Mosti) Datuk Maximus Ongkili said a working group has been set up to establish the National Innovation Foundation. The foundation could also supplement the Government’s efforts to bridge the “digital divide” with help from the private sector. Cultivating an interest in technology among Malaysians will help bridge the divide – that separation between the technology haves and have-nots – in this nation, he said last week.
|
HOW
How it works
|
iPhone DoS attack vulnerability exposed
| A security firm has recently discovered a DoS (Denial of Service) vulnerability in the iPhone’s latest firmware- 1.1.4. The firm, Radware, reports that the iPhone is vulnerable to such attacks because of a design flaw that are caused by a repetition of memory allocation operations in the OS’s dynamic memory pool. Itzik Kotler, security operation center manager at Radware, explained, “While vendors are struggling to push new products and applications, it is evident that security still remains a secondary concern. Hackers continue to misappropriate other people’s software and their job is made easier by design flaws embedded into software products.” (HITB) |