IndianPad - Security

Class 4 Gurgaon student’s doodle to feature on Google

goutami — Sun, 15 Nov 2009 11:17:21 -0600

A Class 4 student of Gurgaon will have his doodle featured on Google all day Nov 14. This is the first time that a ‘made in India’ doodle will be featured on the popular search engine.

Beating a good 4,000 other competitors, Puru Pratap Singh’s doodle is based on the theme ‘My India – Full of Life’.

A Google doodle is a creative Google logo that appears on some special days, to commemorate scientific and artistic achievements, historic or seasonal events, and other local occasions.

1 Reason Why I Downgraded Firefox 3.5 To Firefox 3.0 On My Work PC

GopinathM — Tue, 27 Oct 2009 08:34:30 -0500

Couple of days ago I wrote about the five reason why we should download and install the latest version of Firefox, version 3.5. I upgraded browser on personal laptop to Firefox 3.5 and the browsing experience is more fun than ever.

As there is lot of value addition in the new version, I upgraded Firefox at work place too. All the fun with the new browser ended when I saw a flashing message showing Firebug plugin is not compatible with the new version of Firefox. I extensively use Firebug for web development and without that web development came to stand still. I was left with no option other than downgrading Firefox 3.5 to 3.0.

30000 GMail, Yahoo, Hotmail, AOL Accounts Compromised. Safe Guard Your Account Now

GopinathM — Sat, 10 Oct 2009 23:17:24 -0500

Yesterday there were reports that 10,000 + Hotmail accounts were compromised when the details of user name & passwords are published online. I was not concerned about the report as my Hotmail account is very less relevant to my everyday digital life.

Be one of the first to try Norton AntiVirus 2010

soujee — Fri, 21 Aug 2009 00:17:19 -0500

You can now download the Norton 2010 Beta and you qualify for a chance to win prizes. Its easy! You stand to win attractive prizes worth up to S$7,000 with the virus protection.

A new Secure Code is a must for online shopping

tarak — Mon, 10 Aug 2009 23:00:19 -0500

A recent directive by the Reserve Bank of India makes it mandatory to have an additional authentication passcode verified by Visa or MSC (Mastercard Secure Code). This is in addition to the other information already there on the credit card or debit card like name, card number, expiry date and CVV (card verification value) number to be effective from 1 August, 2009.
How do you get this new password ….

INS Arihant – India’s First Nuclear Powered Submarine

GopinathM — Sat, 01 Aug 2009 04:34:16 -0500

With the launch of INS Arihant nuclear submarine, India has joined the elite group of nations that are capable of building nuclear submarines – USA, Russia, France, China and the UK.

At Vishakapattanam dock yard, Prime Minister Manmohan Singh launched the submarine for sea trails and said…

ImageShack hacked, fixed!

tarak — Mon, 20 Jul 2009 11:51:17 -0500

Popular Image hosting and sharing website ImageShack was hacked by a group named ‘Anti-sec’ which replaces all ImageShack hosted images with a manifesto for the movement .
ImageShack is now hack free, fixed.

How To Access Blocked GMail From School or Office

GopinathM — Wed, 08 Apr 2009 02:17:23 -0500

Are you a GMail addict and tired of your office or school administration blocking access to GMail? Here is a guide with various tricks to unblock your favorite GMail and enjoy the full mail access at your organization.

Conficker Set to Strike: Protect Yourself with These Tips and Tools

goutami — Thu, 02 Apr 2009 08:00:25 -0500

Security watchdogs warn that millions could be affected by the Conficker worm tomorrow – unfortunately this is not in an April Fool’s Day joke. Over nine million PCs are already infected and a new variant of the virus could threaten those who didn’t patch their PCs with the latest security updates.

Symantec warns that on April 1st Conficker “will simply start taking more steps to protect itself.” After tomorrow, machines infected with the new “C strain” of Conficker may not be able to get security updates or patches from Microsoft and other security products vendors, says the company. Known also as Downadup or Kido, Conficker is a worm whose purpose security researchers couldn’t decipher yet.

How To Identify And Remove Conficker Virus From Your Computer

GopinathM — Wed, 01 Apr 2009 13:17:25 -0500

Conficker is one of the most dangerous virus threats that we have seen. Right now it is spreading to millions of computers across the globe and it is expected to explode on April 1st.
What harm this virus do?
Well if you ask “What harm does this virus do?”. There is no answer to this question. The bad guys who created this virus never triggered the switch of Conficker and it is just spreading to millions of PCs and sleeping. Don’t mistake that it is going to just sleep and keep quite. In fact the virus is waiting for the commands from it’s bosses and ready to do anything. Anything means?? – It may play a April fool prank, simply steal all your personal information, totally vanish all the files on your computers or anything that is possible to do by a computer software. It all depends on what commands are Conficker going to receive when it is trigger. That’s scary right?

Hackers in China infiltrate PCs of Dalai, Indian embassy

shayan4u123 — Mon, 30 Mar 2009 10:51:24 -0500

A vast cyber spy network controlled from China has infiltrated government and private computers in 103 countries, including those of Indian embassy in Washington and the Tibetan spiritual leader Dalai Lama, a media report said on Sunday.

A Great Reason for Using internet Explorer...

shayan4u123 — Sat, 28 Mar 2009 00:51:25 -0500

Some Great Reasons for Using internet Explorer… Internet Explorer is always best for Downloading Mozilla…
more…
http://dailylinked.blogspot.com/2009/03/great-reason-for-using-internet.html

Awesome Lamborghini Gallardo for traffic patrols by the Police

shayan4u123 — Fri, 20 Mar 2009 21:51:23 -0500

Doha in Dubai is one of the most richest cities in the world. Now, they have put their effort to control the traffic by the police. The rapid growing of Bad Speed Racers increased a lot Road crime over there, which was causing a huge problems to the Traffic Police, but the Government of Doha now had provided a Fastest Traffic Cops’ Cars and implemented an awesome Lamborghini Gallardo. I think, this could compete any type of cars of the criminals….
more…
http://dailylinked.blogspot.com/2009/03/awesome-lamborghini-gallardo-for.html

Latest malware attack spoofs Facebook page

goutami — Mon, 16 Mar 2009 03:34:23 -0500

A fake video malware attack is circulating under the guise of a Facebook message. Security firm Websense said that the attack spreads via emails posing as personal messages on Facebook, and uses the familiar ‘fake codec’ infection method.

The attack begins when the user is sent an email signed as a Facebook message with headlines such as ‘dancing girl drunk in the pub’ and ‘super beautiful girl dancing’. The email then offers a link which appears to be from Facebook.
Advertisement

On clicking the link, users are directed to a third-party site designed to look like Facebook. The page loads what appears to be a video of a woman dancing, and then attempts to download an executable file under the name ‘Adobe_Player11’.

F-Secure Joins the List of Compromised Antivirus Websites

goutami — Thu, 05 Mar 2009 23:17:24 -0600

fter previously compromising websites belonging or related to Kaspersky and Bitdefender, the Romanian hackers from the HackersBlog crew launched a new successful SQL injection attack against the website of an antivirus vendor. This time around, it was F-Secure, however, the security breach did not have the potential of disclosing sensitive information.

In a new post published on the HackersBlog, one of the website’s admins, Tocsixu, discloses a SQL injection attack against the statistics section of the website belonging to Finnish security company F-Secure. In addition to being vulnerable to SQL injection, the http://stats.f-secure.com website also allowed for code injection through cross-site scripting (XSS).

Successful poisoning of SQL SELECT statements through URL manipulation exposed the tables of what it looked like a Microsoft SQL Server 2000 database running on a Windows Server 2003 with Service Pack 2.

The compromised tables were: MailboxInfo, VirusUpdated, dtproperties, Country, sysconstraints, VirusTrends, Virus_Top50_24h, Virus_Top50_30days, Virus_Top50_7days, Virus_Top50_90days, Virus_Top50_Month, Virus_Top50_Week, VirusDateTotal, VirusDate, VirusMonthTotal, VirusReports, VirusReportsTemp, VirusTrends.

The 5 Dumbest & Deranged Home Booby Traps

digitalfever — Sun, 01 Mar 2009 09:51:23 -0600

In our modern civilized world we face the threat of intrusion, theft, and other predatory crimes. In some cases certain among us are inspired to respond with “clever” if deadly booby traps they’ve convinced themselves are fair and reasonable child’s play.

Brief History of Booby Traps

By definition a “booby trap” is “An explosive device designed to be triggered when an unsuspecting victim touches or disturbs a seemingly harmless object….” (Answers.com)

The Booby Trap Mentality

Today if you subscribe to the hard-core booby trap school of thought, most people think you’re a survivalist, an anti-government crusader (4) or just plain nuts for your off-kilter tactics that usually involve duct tape and a sawed off shotgun or some foolish fishing-line contraption and a homemade grenade.

Do home security booby traps work?

Check out the list below. Unfortunately the results seem to be that the truly effective booby traps often land their inventors in the news and in jail – certainly not at the top of any list for heroism.

DIY Home Security

DIY, or do-it-yourself home security kits and gadgets answer the innate urge to create, cobble, and otherwise mash-up your own defensive homebrew with the legal sting removed.

We’re in the high-tech, internet age which not only offers you endless gadgetry, but also puts you in touch with online handbooks, guides and video tutorials that lead you step-by-step through home security installations. And you’ll find legions of gear-heads more than willing to collaborate and share tips and tricks for ultra-cool home security systems that far outsmart the barbarian booby contraptions.

Avira Premium Security Suite 3 Months Free License

goutami — Tue, 24 Feb 2009 23:17:23 -0600

The new Avira Premium Security Suite protects you in a comprehensive way against the dangers from the Internet. It offers you numerous advantages from the Avira AntiVir Premium. In addition, the integrated firewall wards off attacks such as Dos attacks (Denial of Service attacks) or port scans.

How to use : Enter your Name, Email address and Country. The License will be sent to your Email address and this license will also work with Avira Antivir Premium.

5 handy tips when you are going to edit the Registry

soujee — Wed, 11 Feb 2009 20:17:22 -0600

You can edit windows Registry upto some extent without any professional traing or experience.
Editing the Windows Registry is done to improve your system’s performance, but making a mistake can destroy Windows OS . Here are five essential handy tips for keeping yourself anxiety-free—and for keeping your PC alive, while you are playing with the Registry.

New Technology Allows Police to Control Your Car with Text Messages

digitalfever — Sat, 24 Jan 2009 08:17:21 -0600

According to reports, the Home Office is currently trialing technology that could enable police to control stolen cars using text message.

Should it be deemed successful, police would have the power to stop cars remotely, providing an alternative to the use of more crude vehicle-capturing techniques such as stingers, and reducing the need for high speed car chases.

Protecting you PC using Windows built in features and software

GopinathM — Mon, 09 Feb 2009 04:51:23 -0600

Often we find our computers to be infected with virus and malware. We believe we need to buy and install expensive anti virus and internet security software programs. Yes, I do agree it’s a good way too. But it’s not feasible for everyone of us to buy and use these programs. We have some built in software programs within our windows operating system which would help us not to get infected in most of cases when we use the internet. This article will discuss in detail about them. if you have not done enabling these built in programs, do it, so that you can be safe (How much is safe always an argument).

Worst virus in years infects 6.5 mn computers

indianboy — Sun, 18 Jan 2009 11:17:20 -0600

A computer virus attack that has infected more than 6.5 million Windows PCs this week is one of the worst in years, internet security firm F-Secure said on Friday.

In total the worm, which is known as Downadup or Conficker, has infected nearly nine million PCs since its first version was unleashed two years ago.

Weak Password Brings 'Happiness' to Twitter Hacker

TollywoodBollywood — Wed, 07 Jan 2009 23:34:21 -0600

An 18-year-old hacker with a history of celebrity pranks has admitted to Monday’s hijacking of multiple high-profile Twitter accounts, including President-Elect Barack Obama’s, and the official feed for Fox News.

The hacker, who goes by the handle GMZ, told Threat Level on Tuesday he gained entry to Twitter’s administrative control panel by pointing an automated password-guesser at a popular user’s account. The user turned out to be a member of Twitter’s support staff, who’d chosen the weak password “happiness.”

Cracking the site was easy, because Twitter allowed an unlimited number of rapid-fire log-in attempts.

“I feel it’s another case of administrators not putting forth effort toward one of the most obvious and overused security flaws,” he wrote in an IM interview. “I’m sure they find it difficult to admit it.”

Microsoft Deployment Toolkit 2010 for Windows 7

goutami — Mon, 29 Dec 2008 21:34:21 -0600

Moving forward with the evolution of the Business Desktop Deployment, Microsoft is now cooking the next iteration of what is at the present the Microsoft Deployment Toolkit. Moreover, according to the Redmond company, the next version of the MDT solution accelerator is almost ready to be made available for download.

Having gone from Business Desktop Deployment (BDD) 2007 to the Microsoft Deployment Toolkit (MDT) 2008, the software giant is now readying the Microsoft Deployment Toolkit 2010. According to Microsoft, the solution accelerator will be tailored to the next releases of the Windows client and Server operating systems.

“The latest version of the Microsoft Deployment Toolkit, MDT 2010, is currently being developed. This new version, which is due to be released shortly after the Windows 7 release, will offer: support for Windows 7 and Windows Server 2008 R2; deployment Workbench and script architecture improvements; documentation improvements,” revealed a member of the MDT team.

How hackers break into your PC

ria — Sun, 28 Dec 2008 01:17:21 -0600

For a hacker common methods for finding your IP address is through chatrooms, looking up domain names on a domain name registrar site, or running programmes that can create a log of all valid IP addresses.

In a chatroom, all a hacker has to do is right click on a chat ID and get the IP address. A domain registrar can yield a website’s employees’ names, phone numbers, fax numbers, physical addresses and IP addresses. In ‘social engineering’ a hacker verbally chats up the user and gets his IP address and other important information. Here’s looking into how a hacker can break into a PC and misuse it.

Firefox Browser Tops The List Of Most Vulnerable Windows Applications of 2008

GopinathM — Sat, 20 Dec 2008 07:17:22 -0600

Firefox browser tops the list of most vulnerable Windows applications of the year 2008. Can you believe this? I did not believe until I read a report released by the security firm bit9.

1. Mozilla Firefox 2. Adobe Flash & Acrobat 3. EMC VMware Player,Workstation and other products 4. Sun Java Runtime Environment (JRE) 5. Apple QuickTime, Safari & iTunes 6. Symantec 7. Trend Micro 8. Citrix Products 9. Aurigma, 10. Lycos 11. Skype 12. Microsoft Windows Live (MSN) Messenger

Indian infotech sector in Bangalore is main focus of Chinese spying

amiable_indian — Fri, 19 Dec 2008 01:17:21 -0600

A few months ago, a major Bangalore-based infotech company lost out on a $8 million contract. The company was expecting a business delegation to visit India before signing the contract, but 15 days before the date set for the deal, the meeting was abruptly called off.

The same team went to China instead. When the Indian firm investigated the matter, it discovered a gaping hole in its security. The computers of several of its top executives had been compromised by Chinese hackers and privileged information leaked to a Chinese competitor, who walked away with the deal by quoting a lesser price.

Welcome to war of another kind – corporate espionage. Chinese companies are increasingly spying on the Indian IT industry, the only major business area where India leads the Chinese by several years. With many companies reportedly becoming victims of Chinese espionage, Indian intelligence officers are beginning to take a close, hard look at the influx of Chinese nationals into Bangalore, India’s IT hub.

The Chinese presence in the Bangalore-Mysore belt largely comprises students in Mysore University. Besides, there are several Chinese citizens who are training or working at Indian IT firms.

Intelligence officers are probing whether the sudden surge of Chinese interest in Bangalore and Mysore is part of a larger game plan to steal India’s IT advantage through massive industrial espionage. The main aim, obviously, is to replicate Indian IT’s successes in mainland China, grab major contracts, and gain the upper hand in a hostile future competitive scenario.

Investigators are tight-lipped on the progress of their inquiry. But a source says they are looking at parallels between the presence of Chinese nationals in Karnataka and what has been reported about Chinese espionage in industrial complexes around the world.

Mumbai Response - India announces security overhaul

avaksi — Sat, 13 Dec 2008 12:51:20 -0600

The Indian government has announced a number of steps to strengthen internal security after the Mumbai attacks.

Interior Minister P Chidambaram said a national investigative agency would be launched, anti-terror laws beefed up and coastal security strengthened. It is the government’s first detailed response to the public outcry over the attacks which left at least 173 people dead, including nine of the 10 gunmen.

India says militants had Pakistani links and has urged Pakistani action. Pakistan denies any involvement in the attacks, but has promised to co-operate with the Indian investigation.

Chinese Cyber Warriors a Challenge for India

amiable_indian — Sat, 13 Dec 2008 05:00:20 -0600

India’s External Affairs Minister Pranab Mukherjee, in a speech to the National Defense College in New Delhi on November 3, said China posed a new set of challenges to India with its growing capabilities in outer space and its frenzied search for new resources. But an equally potent and dangerous challenge the minister overlooked is the new threat of Chinese cyber-nationalism.

China has in recent times witnessed staggering growth in cyber-nationalism, a new kind of nationalism with immense and sometimes dangerous power. This cyber-nationalism could be also described as a part of China’s psychological warfare. It encapsulates the strategy of China’s Sun Tzu (722-481 BC) of defeating the enemy without waging a war.

Attention Facebook users, Koobface virus on prowl

indianboy — Sat, 06 Dec 2008 06:34:20 -0600

Facebook’s 120 million users are being targeted by a virus dubbed ‘Koobface’ that uses the social network’s messaging system to infect PCs, then tries to gather sensitive information such as credit card numbers.

Kaminsky Finds a A Hole In The Heart Of Internet

drwiz — Thu, 04 Dec 2008 12:00:20 -0600

A Software consultant residing in Seattle named Kaminsky finally revealed the hole which stays at the heart of the Internet. His 80 minute detailed analysis mentions a catastrophic bug threatening of poisoning the machines which translate domain names into Internet protocol addresses.

The abstract point is that there is a major loop hole in the DNS system which Internet relies on since 1983. This problem arose while converting the domain names in to the respective IP address.

Metadata: An Invisible CAPTCHA

TollywoodBollywood — Wed, 03 Dec 2008 07:17:20 -0600

Sanjay Sehgal thinks the average CAPTCHA, that collection of deformed characters that Web sites ask users to type out when registering for an account, is both too easy and too demanding. The image tests designed to weed out spam-spewing bots often annoy real people—and rarely keep out determined spammers.

The company Sehgal founded a year ago, Pramana, takes a different approach. Instead of submitting users to a test, the Atlanta-based company’s technology plugs into Web sites and invisibly analyzes users’ online behavior to determine who’s a human and who’s a bot. “We don’t demand that users prove they’re human,” Sehgal says. “We simply watch them and decide for ourselves.” (Back To Main Article: “Robots In Disguise.”)

Google Reader & Picasa Used the Spread Malware

drwiz — Sun, 02 Nov 2008 00:51:20 -0500

A malicious program that sprang up on Facebook in late July has surfaced again, this time using Google’s websites to sneak around security filters.

Researchers at unified threat management vendor Fortinet said that a program similar to the Koobface worm had started using the Google Reader and Picasa websites to spread. In the attack, criminals host images that look like YouTube videos on the Google sites in hopes of tricking victims into downloading malicious Trojan software.

Hackers initially unleashed Koobface in late July, but Facebook’s security team soon slowed its spread by blocking the websites that were hosting the malicious Trojan software.

Indian IT worker from Infosys arrested for email threats to President

amiable_indian — Thu, 23 Oct 2008 03:17:18 -0500

A software professional working at Indian outsourcer Infosys Technologies was arrested by the police in Chennai in south India after he was found to have sent threatening email messages to the country’s President, Pratibha Patil.

J. Sriram, a 24-year-old engineering graduate working as a programmer at Infosys’ operation in Chennai, told police that he was generally dissatisfied with the political situation in the country, M. Sudhakar, Assistant Commissioner of Police of Chennai’s Cyber Crime Cell said on Friday.

Sriram said that for all the political problems in the country, the politicians were responsible, Sudhakar said.

About 16 email messages that he sent to the President on Oct. 11 and Oct. 12 were more than expressions of disaffection with the political system in the country, and had very threatening content, Sudhakar said.

On a tip from the police in Delhi, who tracked down the IP (Internet Protocol) address from which the email messages were sent, Sriram was arrested and charged on a number of counts, including intimidation and use of obscene language.

Fake Youtube Sites used to spread malwares, viruses

amiable_indian — Wed, 08 Oct 2008 02:51:41 -0500

A new hacking tool circulating in the Internet now allows malicious users to create fake YouTube pages designed to deliver malware. The said tool, detected by Trend Micro as HKTL_FAKEYOUT, features a user-friendly console in Spanish that a hacker may use to create a pair of Web pages that look eerily identical to legitimate YouTube pages. With a little crafty social engineering, unsuspecting users may be led into the first of the fake pages, INDEX.HTML. Here, users may be disappointed to see that they cannot view their video as they need a new version of Adobe Flash Player or some plugin or codec. A link is handily provided, and clicking the link leads users to the hacker’s file of choice, which could very possibly be something malicious.

Hackers exploit Neosploit to booby trap BBC, US postal service

softinform — Sun, 05 Oct 2008 14:00:41 -0500

200K login credentials found on crimeware server

Top 10 security mistakes

ria — Sun, 05 Oct 2008 01:51:41 -0500

Ever wondered what is it that leads to data leaks, spying, phishing and other forms of hacking? According to experts, it is some common mistakes made by people that lead to biggest security breaches. And, these behavioral risks of employees vary depending on country and culture. Making some coutries more prone to security breaches than others.

A new study by Cisco spotlights the numerous risks taken by employees that can lead to the most prominent security concerns for businesses: the loss of corporate information. The study identifies common data leakage mistakes among workforces around the world and is based on surveys of more than 2,000 employees and IT professionals across 10 countries, including India, China, Germany, France, Italy, UK, Australia and Brazil.

Hotmail and Gmail join Yahoo in password vulnerability

digitalfever — Tue, 23 Sep 2008 10:51:20 -0500

Yahoo Mail isn’t the only webmail service that could be duped into giving up someone else’s account password, the tactic that some have argued was used to break into US Governor Sarah Palin’s email last week.

How The Hacker Got Access To Sarah Palin’s Private E-Mail Account

GopinathM — Sat, 20 Sep 2008 09:51:20 -0500

hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birth date, ZIP code and information about where she met her spouse — the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.

Security Alert - Twitter-Orkut Users Hit With Infection Links

devilsworkshop — Mon, 15 Sep 2008 06:17:19 -0500

Spywareguide is reporting a situation where infection links are being sent to twitter users. Twitter users who are also registered with orkut are at a greater risk since the links are malicious in nature.

Spywareguide blog confirmed that pages linked to by the twitter profile either try and get you to download an infection file straight away, or pretend you’re installing a Flash update: Once the files are run on the PC, a variety of malicious files will be installed and various types of data theft may be attempted. One of the executable file will pop open the Orkut website in what is obviously an attempt to get you to fill in your user details.

The Right to Anonymous Speech Frees Spammer

goutami — Sun, 14 Sep 2008 22:34:20 -0500

The Virginia Supreme Court has ruled AOL spammer Jeremy Jaynes should go free, after he was convicted in 2004 and sentenced to serve 9 years in a federal prison. The court’s decision was not taken because Jeremy Jaynes was actually innocent, as he did send spam e-mails, but because the law under which he was convicted conflicted with the rights stipulated in the First Amendment.

Jeremy Jaynes was tried and convicted in 2004 by the Loudoun Circuit Court Judge Thomas D. Horne under Virginia’s anti-spam law enacted in 2003 and, as a result, he has been under house arrest since then. The same ruling was reinforced by the Virginia Supreme Court 6 months ago but, after Jaynes’ attorneys appealed, the Court surprisingly changed it.