Newsbytes



Null Meet - 16th June 2012

Sumeer Kumar
Freelance RFiD Consultant
sumeer.kumar@gmail.com
• 6.5 million LinkedIn passwords apparently leaked;
  over 60% of stolen passwords already cracked

• Passwords that are reset will now be stored in salted, hashed
  format; the salt is a string that is added to your password before it is
  cryptographically hashed.
• It means that password lists cannot be pre-computed based on
  dictionary attacks or similar techniques.
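
Added example (not part of the original slides): the same accounts stored unsalted and salted, audited against a hash table precomputed from a small dictionary. The account names, passwords and function names are constructed for illustration.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Constructed sample data (not from any real leak): a tiny dictionary of
# common passwords and three accounts, two of which share a password.
COMMON_PASSWORDS = ["123456", "password", "linkedin", "letmein", "qwerty"]
ACCOUNTS = {"alice": "linkedin", "bob": "linkedin", "carol": "T7#vq!93kLp-zeta"}


def hash_password(password: str, salt: bytes = b"") -> str:
    """SHA-256 over salt || password; an empty salt is the unsalted scheme.

    Salting is what defeats precomputation. A production store would also
    use a deliberately slow KDF (e.g. hashlib.pbkdf2_hmac) so that guessing
    against a single account stays expensive.
    """
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def store_unsalted(accounts):
    """Legacy layout: user -> hash, nothing else."""
    return {user: hash_password(pw) for user, pw in accounts.items()}


def store_salted(accounts):
    """Salted layout: user -> (random 16-byte salt, hash of salt || password)."""
    records = {}
    for user, pw in accounts.items():
        salt = os.urandom(16)  # fresh salt per account, stored beside the hash
        records[user] = (salt, hash_password(pw, salt))
    return records


def verify(records, user, candidate):
    """Login check against the salted store, using a constant-time compare."""
    salt, expected = records[user]
    return hmac.compare_digest(hash_password(candidate, salt), expected)


def precomputed_table(words):
    """Hash -> word table computed once, before any database is seen."""
    return {hash_password(w): w for w in words}


def exposed_by_table(hashes, table):
    """Accounts whose stored hash appears in a precomputed table."""
    return sorted(user for user, h in hashes.items() if h in table)


def shared_hash_groups(hashes):
    """Groups of accounts storing an identical hash (password reuse is visible)."""
    groups = defaultdict(list)
    for user, h in hashes.items():
        groups[h].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def audit():
    """Compare what a precomputed table reveals about each storage layout."""
    table = precomputed_table(COMMON_PASSWORDS)
    unsalted = store_unsalted(ACCOUNTS)
    salted = store_salted(ACCOUNTS)
    salted_hashes = {user: h for user, (_, h) in salted.items()}
    return {
        "unsalted_exposed": exposed_by_table(unsalted, table),
        "salted_exposed": exposed_by_table(salted_hashes, table),
        "unsalted_shared": shared_hash_groups(unsalted),
        "salted_shared": shared_hash_groups(salted_hashes),
        "login_ok": verify(salted, "alice", "linkedin"),
        "login_bad": verify(salted, "alice", "password"),
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```
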
• Google warns Gmail users of state-sponsored
  attacks; to offer cyberwar defence advice to Gmail
  users

• The warning:
• “We believe state-sponsored attackers may be attempting to
  compromise your computer”, is intended to spur users to take
  immediate measures to secure their account.

• Such steps include creating a strong password for the
  account, enabling two-step account verification, and keeping all software
  up-to-date.
• Phishing with help from Google Docs

• If you're a scammer, you can use Google Docs to phish for
  passwords and sensitive information.

• For example:
• An email asks the recipient to confirm their account details or risk
  having it shut down.


• The message reads:

• Confirm your e-mail account please enter your Mailbox Details by
  clicking the link below:
• [LINK]
• Failure to provide details correctly will result to immediate closure of
  your mailbox account from our database.

• The link points to a page on Google Docs (docs.google.com) that
  gives the link a false aura of legitimacy.
• But what the link can't do is tell you whether the Google account
  holder is legitimate or up to no good.
• Siemens enhances security of industrial networks

• Stuxnet: How USA and Israel created anti-Iran virus, and then
  lost control of it
• Flame worm - Iran claims to discover new Stuxnet-like malware
• Kaspersky says Stuxnet and Flame are related

•   The Flame computer virus which has been raging in the Middle East has
    strong links to Stuxnet, a malware program widely believed to have been
    developed by the United States or Israel, a security firm said Monday.

•   Kaspersky, the Russian computer security firm credited with discovering
    Flame last month, said its research shows the two programs share certain
    portions of code, suggesting some ties between two separate groups of
    programmers.


•        A program of the computer virus known as Flame
• Mobile workspace offers a secure Windows OS on
  any computer

• Imation announced Stealth Zone 2.1 boot-from-USB secure mobile
  workspace.
• This new version enhances data security by making it easier and
  more convenient for business travelers, teleworkers and contractors
  to carry a secure, managed Microsoft Windows 7 operating system
  and an encrypted data transfer solution on a single, fully managed
  USB device.
• Microsoft speaks out on Flame malware
  certificate forgery
• Flame malware tricks you into installing apparently-trusted software
  signed with a fraudulent digital certificate.
• MS has gone public with additional information about the
  cryptographic trickery used in this case.
• For pre-Vista versions of Windows, it seems that the certificate
  spoofing didn't rely on any sort of cryptographic forgery.
• But for Vista and later, the attackers needed to forge a certificate.
  They did this using an MD5 collision.




• Flame malware used man-in-the-middle
  attack against Windows Update
• MS has released an emergency update for all versions of Windows
  to address a certificate flaw that was used to spread the Flame
  malware from machine to machine.
• MySQL flaw allows attackers to
  easily connect to server
•   Security researchers have released details about a vulnerability in the
    MySQL server that could allow potential attackers to access MySQL
    databases without inputting proper authentication credentials.



• Facebook unveils new mobile
  security measures
•   Facebook has introduced three security updates for protecting its mobile users: a code
    generator, the ability to report unwanted content on your phone, and
    improved mobile recovery flows.



• Free mobile security eBook from
  Veracode
•   Veracode released a free eBook that outlines the ten steps that can be
    taken by individuals and organizations to protect against potential security
    risks brought on by the bring your own device (BYOD) to work trend.
• World's first secure private mobile
  carrier
• Gold Line Group appears to be the first company to have
  developed a completely secure carrier grade switch.
• The firm still holds $250,000 in unclaimed gold that was
  put up as a reward for any hackers, spies or intelligence
  agencies which could decipher a message encrypted by
  Gold Lock’s mobile encryption. After attempts by over
  5,000 individuals and groups, the challenge ended with
  none of them able to break the code.


• Apple's iOS 6 to add privacy controls
  for user contacts
• Apple will offer users a way to manage which applications have
  permission to access their contact information as part of a new
  privacy control panel that's coming in iOS 6.
• Researchers Unveil New Way to Trust Certificates

• The rise of Tumblr and Google Play spam campaigns



• Google, Facebook, Twitter take on bad ads



• Facebook account cancellation malware poses as
  Adobe Flash update
• ATTACKS

• Global Payments: data theft compromised
  fewer than 1.5 million cards

• Olympics fans targeted with lottery scam

• Father's Day spam floods in, pointing
  to gambling websites

• Giant snakes eating zookeepers and
  unwatchable videos - Facebook hit again by
  clickjacking scams
• League of Legends online game joins the
  League of the Hacked

• Attacks Targeting US Defense Contractors
  and Universities Tied to China

• UGNazi attack 4chan, CloudFlare

• Report: North Korea Accused Of DDoS
  Attack On South Korean Airport

• Millions of Last.fm passwords leaked

• Tiny New Tinba Banker Trojan Found
  Stealing Financial Data
• Things to Ponder

• People would rather lose their wallet than
  their phone
• A SecurEnvoy study asked “what people would most fear losing
  from their back pocket”
• 37% said their personal phone, 20% their company
  phone, 25% said £50, with just 18% citing credit cards.
  Confirmation that we’re gripped by nomophobia – the
  fear of being out of mobile contact.


• NSA launches cyber security program for
  college students
• The US National Security Agency has launched a
  National Centers of Academic Excellence in Cyber
  Operations Program to ultimately yield a larger pool of
  professionals with expertise in this area
• OOPS!


•   Yahoo leaks its own private key via new Axis Chrome extension
•   A new Yahoo browser for iPad and iPhone, dubbed "Axis," is supposed to tightly
    integrate search with web browsing and has a built-in feature to synchronize one's
    mobile and desktop experience.

•   Yahoo mistakenly bundled its private key inside the Chrome extension version of
    Axis.




•   Ex MI5 chief gets her laptop stolen at airport
•   Former Director-General of UK's internal security service MI5 has had her laptop stolen at
    London's Heathrow airport
    Dame Stella Rimington, who headed the agency from 1992 to 1996, has since then become a
    well-known spy thriller author.
•   "....seems to have forgotten the tricks of her tradecraft since leaving MI5," commented a source
    for The Sun.
• TOOLS / RELEASES / UPDATES

•   LinkedIn provides breach update -- sort of

•   Facebook Issues Security Updates for Mobile App

•   Firefox 13 Fixes Seven Security Vulnerabilities
•   Firefox 14 Beta promises improved security

•   Ruby on Rails patches more SQL injection holes

•   Apple quietly reveals iOS security innards

•   Absinthe 2.0 Jailbreak for iOS 5.1.1 Devices Released

•   Microsoft fixes 28 security bugs; Issues FixIt For XML Flaw;
    Automatic Updater for Certificate Revocation Lists, Plans to Invalidate
    Short RSA Keys

•   Microsoft says IE10 will support Do Not Track by default; violates new
    specs

•   Oracle Issues Patch to Fix 14 critical Java SE holes
•   Google Fixes Persistent XSS Flaw in Gmail
•   Google Patches 13 Flaws in Chrome 19

•   Adobe delivers sandboxed Flash Player for Firefox users
•   Patches Photoshop, Illustrator for CS5 Users; Flash update closes
    several critical holes

•   IBM releases software for developing secure mobile apps

•   McAfee upgrades cloud security and Intel identity kit

•   AVG spreads its mobile shield

•   Security analysis tool Trisul 2.4 released

•   Critical updates for IE, RDP, .NET, Flash and Java

•   Major shift in strategy for ZeroAccess rootkit malware, as it shifts to
    user-mode

•   Dell SecureWorks unveils new managed security services

•   Lancope unveils new StealthWatch threat intelligence dashboards
UPCOMING EVENTS/CONFERENCES


 http://securityconferences.net




nullcon Delhi 2012
26-29 Sept 2012
http://www.nullcon.net/website/
Acknowledgements
• Ashwin Patil - for template, sources etc.
• Riyaz Walikar – for template, format etc.




• Comments/feedback :
  sumeer.kumar@gmail.com
  Cell: 9900 266 539
Quiz Time
Id the person and
his claim to fame.
ANSWER
• Kevin Mitnick
• an American computer security consultant, author, and
  hacker.
• In the late 20th century, he was convicted of various
  computer and communications-related crimes. At the
  time of his arrest, he was the most-wanted computer
  criminal in the United States.

• Tsutomu Shimomura, an American scientist and
  computer security expert based in the US, together with
  computer journalist John Markoff, tracked down and
  helped the FBI arrest hacker Kevin Mitnick.

• Takedown, his 1996 book on the subject, was later
  adapted for the screen in Takedown in 2000.
Connect the two pictures.
ANSWER
• On the right is a blue box built by Steve Wozniak, on
  display at the Computer History Museum, USA.

• A blue box is an unauthorized electronic device that
  generates the same tones employed by a telephone
  operator's dialing console to switch long-distance calls.
• Emerging in the 1960s and 70s, it allowed users to route
  their own calls by emulating the in-band signaling
  mechanism that then controlled switching in long
  distance dialing systems.
• The most typical use of a blue box was to place free
  telephone calls.

• Steve Wozniak and Steve Jobs, founders of Apple
  Computer, were frequent pranksters using the device.
• On one occasion Wozniak dialed Vatican City and
  identified himself as Henry Kissinger (imitating
  Kissinger's German accent) and asked to speak to the
  Pope (who was sleeping at the time).
How does this connect with Computer Systems ?
ANSWER
• Kerberos is a computer network
  authentication protocol which works on the
  basis of "tickets" to allow nodes
  communicating over a non-secure network
  to prove their identity to one another in a
  secure manner.

• MIT developed Kerberos and named it
  after the character Kerberos (or
  Cerberus) from Greek mythology which
  was a monstrous three-headed guard dog
  of Hades.
Id the group.
What’s the story behind the masks?
ANSWER
• Anonymous is a loosely associated hacktivist group that originated
  in 2003 representing the concept of many online and offline
  community users simultaneously existing as an anarchic, digitized
  global brain.

• It strongly opposes Internet censorship and has hacked various
  government websites.
• It has also targeted major security corporations.

• The Guy Fawkes mask is a stylised depiction of Guy Fawkes, the
  best-known member of the Gunpowder Plot, an attempt to blow up
  the English Palace of Westminster in London in 1605.

• A stylised mask came to represent broader protest after it was used
  as a major plot element in V for Vendetta, published in 1982, and its
  2006 film adaptation.

• After appearing in internet forums, the mask was worn by
  participants in real-life protests and has become widespread
  internationally among groups protesting against politicians, banks
  and financial institutions, such as the Occupy movement.
Id this movie with a
stellar cast about a
group of hackers.
ANSWER
• Sneakers (1992)

• Minor plot element:
• "...Martin, now using the alias "Bishop", runs a
  tiger team of security specialists who use
  unorthodox methods of testing physical and
  electronic security for companies in San
  Francisco.
• The team includes: Donald Crease, a former CIA
  officer and high-strung family man; Darryl
  "Mother" Roskow, a conspiracy theorist with
  unsurpassed technical skills and dexterity; Carl
  Arbogast, a young genius; and Erwin "Whistler"
  Emory, a blind phone phreak with perfect pitch
  and an acute sense of hearing..."
Two different covers for the same book. What real life
incident is it about?
ANSWER
• A first-person account of the hunt for a computer
  cracker who broke into a computer at the
  Lawrence Berkeley National Laboratory (LBL) at
  UC Berkeley.

• In 1986, Clifford Stoll (the author) was trying to
  resolve a US$0.75 accounting error in the
  computer usage accounts.
• He traced the error to an unauthorized user who
  had apparently used up 9 seconds of computer
  time and not paid for it, and eventually realized
  that the unauthorized user was a cracker who
  had acquired root access to the LBL system by
  exploiting a vulnerability in the movemail
  function of the original GNU Emacs.
How are these guys famous in the Cyber
security World ?
ANSWER
• RSA is an algorithm for public-key cryptography that is
  based on the presumed difficulty of factoring large
  integers, the factoring problem.

• RSA stands for Ron Rivest, Adi Shamir and Leonard
  Adleman (pictured), who first publicly described it in
  1978.

• A user of RSA creates and then publishes the product of
  two large prime numbers, along with an auxiliary value,
  as their public key.
• The prime factors must be kept secret. Anyone can use
  the public key to encrypt a message, but with currently
  published methods, if the public key is large enough,
  only someone with knowledge of the prime factors can
  feasibly decode the message.
• Whether breaking RSA encryption is as hard as factoring
  is an open question known as the RSA problem.
• The _____ worm or Internet worm of
  November 2, 1988 was one of the first
  computer worms distributed via the
  Internet.

• It resulted in the first conviction in the
  US under the 1986 Computer Fraud and
  Abuse Act.
• It was written by a student at Cornell
  University and launched on November
  2, 1988 from MIT.
ANSWER
• Morris worm by Robert Tappan Morris.

• Robert Tappan Morris is an American computer scientist,
  best known for creating the Morris Worm in 1988.

• He went on to co-found the online store Viaweb, one of
  the first web-based applications, and later the funding
  firm Y Combinator - both with Paul Graham.
• He is a tenured professor in the department of Electrical
  Engineering and Computer Science at MIT.

• His father was the late Robert Morris, a coauthor of
  UNIX and the former chief scientist at the National
  Computer Security Center, a division of the National
  Security Agency (NSA).
•   X in computing slang refers to an ethical hacker, penetration tester, cracker or
    security consolidator.
•   X hackers are computer security experts, who specialize in penetration testing, and
    other testing methodologies, to ensure that a company's information systems are
    secure.
•   X hackers are also called "sneakers", red teams, or tiger teams.


•   Y is often used figuratively, especially in computing slang, where it refers to a
    computer security hacker that breaks into networks or computers, or creates
    computer viruses.

•   In Western movies, Y is the villain or bad guy, in which such a character would wear
    a Y in contrast to the hero's X.


•   Z in the hacking community, refers to a skilled hacker whose activities fall somewhere
    between X and Y hackers on a variety of spectrums.
•   It may relate to whether they sometimes arguably act illegally, though in good will, or
    to how they disclose vulnerabilities. They usually do not hack for personal gain or
    have malicious intentions, but may be prepared to technically commit crimes during
    the course of their technological exploits in order to achieve better security.

•   X,Y and Z ?
ANSWER
• X - White hat

• Y - Black hat

• Z - Grey hat

DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...Poonam Aher Patil
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxheathfieldcps1
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxNikitaBankoti2
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptxMaritesTamaniVerdade
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIShubhangi Sonawane
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.pptRamjanShidvankar
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701bronxfugly43
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxRamakrishna Reddy Bijjam
 

Recently uploaded (20)

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Role Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptxRole Of Transgenic Animal In Target Validation-1.pptx
Role Of Transgenic Animal In Target Validation-1.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-IIFood Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
Food Chain and Food Web (Ecosystem) EVS, B. Pharmacy 1st Year, Sem-II
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 

News Bytes June 2012

  • 1. Newsbytes Null Meet - 16th June 2012 Sumeer Kumar Freelance RFiD Consultant sumeer.kumar@gmail.com
  • 2. • 6.5 million LinkedIn passwords apparently leaked; over 60% of stolen passwords already cracked • Passwords that are reset will now be stored in salted, hashed format, viz. with a salt: a string that is added to your password before it is cryptographically hashed. • It means that password lists cannot be pre-computed based on dictionary attacks or similar techniques.
  • 3. • Google warns Gmail users of state-sponsored attacks; to offer cyberwar defence advice to Gmail users • The warning: • “We believe state-sponsored attackers may be attempting to compromise your computer”, is intended to spur users to take immediate measures to secure their account. • Such steps include creating a strong password for the account, enabling two-step account verification, and keeping all software up-to-date.
  • 4. • Phishing with help from Google Docs • If you're a scammer, you can use Google Docs to phish for passwords and sensitive information. • For example: • An email asks the recipient to confirm their account details or risk having it shut down. • The message reads: • Confirm your e-mail account please enter your Mailbox Details by clicking the link below: • [LINK] • Failure to provide details correctly will result to immediate closure of your mailbox account from our database. • The link points to a page on Google Docs (docs.google.com) that gives the link a false aura of legitimacy. • But what the link can't do is tell you whether the Google account holder is legitimate or up to no good.
  • 5. • Siemens enhances security of industrial networks • Stuxnet: How USA and Israel created anti-Iran virus, and then lost control of it • Flame worm - Iran claims to discover new Stuxnet-like malware • Kaspersky says Stuxnet and Flame are related • The Flame computer virus which has been raging in the Middle East has strong links to Stuxnet, a malware program widely believed to have been developed by the United States or Israel, a security firm said Monday. • Kaspersky, the Russian computer security firm credited with discovering Flame last month, said its research shows the two programs share certain portions of code, suggesting some ties between two separate groups of programmers. • A program of the computer virus known as Flame
  • 6. • Mobile workspace offers a secure Windows OS on any computer • Imation announced Stealth Zone 2.1 boot-from-USB secure mobile workspace. • This new version enhances data security by making it easier and more convenient for business travelers, teleworkers and contractors to carry a secure, managed Microsoft Windows 7 operating system and an encrypted data transfer solution on a single, fully managed USB device.
  • 7. • Microsoft speaks out on Flame malware certificate forgery • Flame malware tricks you into installing apparently-trusted software signed with a fraudulent digital certificate. • MS has gone public with additional information about the cryptographic trickery used in this case. • For pre-Vista versions of Windows, it seems that the certificate spoofing didn't rely on any sort of cryptographic forgery. • But for Vista and later, the attackers needed to forge a certificate. They did this using an MD5 collision. • Flame malware used man-in-the-middle attack against Windows Update • MS has released an emergency update for all versions of Windows to address a certificate flaw that was used to spread the Flame malware from machine to machine.
  • 8. • MySQL flaw allows attackers to easily connect to server • Security researchers have released details about a vulnerability in the MySQL server that could allow potential attackers to access MySQL databases without inputting proper authentication credentials. • Facebook unveils new mobile security measures • Facebook has introduced three security updates for protecting its mobile users: a code generator, the ability to report unwanted content on your phone, and improved mobile recovery flows. • Free mobile security eBook from Veracode • Veracode released a free eBook that outlines the ten steps that can be taken by individuals and organizations to protect against potential security risks brought on by the bring your own device (BYOD) to work trend.
  • 9. • World's first secure private mobile carrier • Gold Line Group appears to be the first company to have developed a completely secure carrier grade switch. • The firm still holds $250,000 in unclaimed gold that was put up as a reward for any hackers, spies or intelligence agencies which could decipher a message encrypted by Gold Lock’s mobile encryption. After attempts by over 5,000 individuals and groups, the challenge ended with none of them able to break the code. • Apple's iOS 6 to add privacy controls for user contacts • Apple will offer users a way to manage which applications have permission to access their contact information as part of a new privacy control panel that's coming in iOS 6.
  • 10. • Researchers Unveil New Way to Trust Certificates • The rise of Tumblr and Google Play spam campaigns • Google, Facebook, Twitter take on bad ads • Facebook account cancellation malware poses as Adobe Flash update
  • 11. • ATTACKS • Global Payments: data theft compromised fewer than 1.5 million cards • Olympics fans targeted with lottery scam • Father's Day spam floods in, pointing to gambling websites • Giant snakes eating zookeepers and unwatchable videos - Facebook hit again by clickjacking scams
  • 12. • League of Legends online game joins the League of the Hacked • Attacks Targeting US Defense Contractors and Universities Tied to China • UGNazi attack 4chan, CloudFlare • Report: North Korea Accused Of DDoS Attack On South Korean Airport • Millions of Last.fm passwords leaked • Tiny New Tinba Banker Trojan Found Stealing Financial Data
  • 13. • Things to Ponder • People would rather lose their wallet than their phone • A SecurEnvoy study “what people would most fear losing from their back pocket” • 37% said their personal phone, 20% their company phone, 25% said £50, with just 18% citing credit cards. Confirmation that we’re gripped by nomophobia – the fear of being out of mobile contact. • NSA launches cyber security program for college students • The US National Security Agency has launched a National Centers of Academic Excellence in Cyber Operations Program to ultimately yield a larger pool of professionals with expertise in this area
  • 14. • OOPS! • Yahoo leaks its own private key via new Axis Chrome extension • A new Yahoo browser for iPad and iPhone, dubbed "Axis," is supposed to tightly integrate search with web browsing and has a built-in feature to synchronize one's mobile and desktop experience. • Yahoo mistakenly bundled its private key inside the Chrome extension version of Axis. • Ex MI5 chief gets her laptop stolen at airport • A former Director-General of the UK's internal security service MI5 has had her laptop stolen at London's Heathrow airport. Dame Stella Rimington, who headed the agency from 1992 to 1996, has since then become a well-known spy thriller author. • "....seems to have forgotten the tricks of her tradecraft since leaving MI5," commented a source for The Sun.
  • 15. • TOOLS / RELEASES / UPDATES • LinkedIn provides breach update -- sort of • Facebook Issues Security Updates for Mobile App • Firefox 13 Fixes Seven Security Vulnerabilities • Firefox 14 Beta promises improved security • Ruby on Rails patches more SQL injection holes • Apple quietly reveals iOS security innards • Absinthe 2.0 Jailbreak for iOS 5.1.1 Devices Released • Microsoft fixes 28 security bugs; Issues FixIt For XML Flaw; Automatic Updater for Certificate Revocation Lists, Plans to Invalidate Short RSA Keys • Microsoft says IE10 will support Do Not Track by default; violates new specs • Oracle Issues Patch to Fix 14 critical Java SE holes
  • 16. Google Fixes Persistent XSS Flaw in Gmail • Google Patches 13 Flaws in Chrome 19 • Adobe delivers sandboxed Flash Player for Firefox users • Patches Photoshop, Illustrator for CS5 Users ; Flash update closes several critical holes • IBM releases software for developing secure mobile apps • McAfee upgrades cloud security and Intel identity kit • AVG spreads its mobile shield • Security analysis tool Trisul 2.4 released • Critical updates for IE, RDP, .NET, Flash and Java • Major shift in strategy for ZeroAccess rootkit malware, as it shifts to user-mode • Dell SecureWorks unveils new managed security services • Lancope unveils new StealthWatch threat intelligence dashboards
  • 17. UPCOMING EVENTS/CONFERENCES http://securityconferences.net nullcon Delhi 2012 26-29 Sept 2012 http://www.nullcon.net/website/
  • 18. Acknowledgements • Ashwin Patil - for template, sources etc. • Riyaz Walikar – for template, format etc. • Comments/feedback : sumeer.kumar@gmail.com Cell: 9900 266 539
  • 20. Id the person and his claim to fame.
  • 22. • Kevin Mitnick • an American computer security consultant, author, and hacker. • In the late 20th century, he was convicted of various computer and communications-related crimes. At the time of his arrest, he was the most-wanted computer criminal in the United States. • Tsutomu Shimomura, an American scientist and computer security expert based in the US, together with computer journalist John Markoff, tracked down and helped the FBI arrest hacker Kevin Mitnick. • Takedown, his 1996 book on the subject, was later adapted for the screen in Takedown in 2000.
  • 23. Connect the two pictures.
  • 25. • On the right is a blue box built by Steve Wozniak, on display at the Computer History Museum, USA. • A blue box is an unauthorized electronic device that generates the same tones employed by a telephone operator's dialing console to switch long-distance calls. • Emerging in the 1960s and 70s, it allowed users to route their own calls by emulating the in-band signaling mechanism that then controlled switching in long distance dialing systems. • The most typical use of a blue box was to place free telephone calls. • Steve Wozniak and Steve Jobs, founders of Apple Computer, were frequent pranksters using the device. • On one occasion Wozniak dialed Vatican City and identified himself as Henry Kissinger (imitating Kissinger's German accent) and asked to speak to the Pope (who was sleeping at the time).
  • 26. How does this connect with Computer Systems?
  • 28. • Kerberos is a computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. • MIT developed Kerberos and named it after the character Kerberos (or Cerberus) from Greek mythology which was a monstrous three-headed guard dog of Hades.
  • 29. Id the group. What’s the story behind the masks?
  • 31. • Anonymous is a loosely associated hacktivist group that originated in 2003 representing the concept of many online and offline community users simultaneously existing as an anarchic, digitized global brain. • It strongly opposes Internet censorship and has hacked various government websites. • It has also targeted major security corporations. • The Guy Fawkes mask is a stylised depiction of Guy Fawkes, the best-known member of the Gunpowder Plot, an attempt to blow up the English Palace of Westminster in London in 1605. • A stylised mask came to represent broader protest after it was used as a major plot element in V for Vendetta, published in 1982, and its 2006 film adaptation. • After appearing in internet forums, the mask was worn by participants in real-life protests and has become widespread internationally among groups protesting against politicians, banks and financial institutions, such as the Occupy movement.
  • 32. Id this movie with a stellar cast about a group of hackers.
  • 34. • Sneakers (1992) • Minor plot element: • "...Martin, now using the alias "Bishop", runs a tiger team of security specialists who use unorthodox methods of testing physical and electronic security for companies in San Francisco. • The team includes: Donald Crease, a former CIA officer and high-strung family man; Darryl "Mother" Roskow, a conspiracy theorist with unsurpassed technical skills and dexterity; Carl Arbogast, a young genius; and Erwin "Whistler" Emory, a blind phone phreak with perfect pitch and an acute sense of hearing..."
  • 35. Two different covers for the same book. What real life incident is it about?
  • 37. • A first-person account of the hunt for a computer cracker who broke into a computer at the Lawrence Berkeley National Laboratory (LBL) at UC Berkeley. • In 1986, Clifford Stoll (the author) was trying to resolve a USD 0.75 accounting error in the computer usage accounts. • He traced the error to an unauthorized user who had apparently used up 9 seconds of computer time and not paid for it, and eventually realized that the unauthorized user was a cracker who had acquired root access to the LBL system by exploiting a vulnerability in the movemail function of the original GNU Emacs.
  • 38. How are these guys famous in the Cyber security World?
  • 40. • RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem. • RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman (pictured), who first publicly described it in 1978. • A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. • The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message. • Whether breaking RSA encryption is as hard as factoring is an open question known as the RSA problem.
  • 41. • The _____ worm or Internet worm of November 2, 1988 was one of the first computer worms distributed via the Internet. • It resulted in the first conviction in the US under the 1986 Computer Fraud and Abuse Act. • It was written by a student at Cornell University and launched on November 2, 1988 from MIT.
  • 43. • Morris worm by Robert Tappan Morris. • Robert Tappan Morris is an American computer scientist, best known for creating the Morris Worm in 1988. • He went on to co-found the online store Viaweb, one of the first web-based applications, and later the funding firm Y Combinator - both with Paul Graham. • He is a tenured professor in the department of Electrical Engineering and Computer Science at MIT. • His father was the late Robert Morris, a coauthor of UNIX and the former chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).
  • 44. X in computing slang refers to an ethical hacker, penetration tester, cracker or security consolidator. • X hackers are computer security experts, who specialize in penetration testing, and other testing methodologies, to ensure that a company's information systems are secure. • X hackers are also called "sneakers", red teams, or tiger teams. • Y is often used figuratively, especially in computing slang, where it refers to a computer security hacker that breaks into networks or computers, or creates computer viruses. • In Western movies, Y is the villain or bad guy, in which such a character would wear a Y in contrast to the hero's X. • Z in the hacking community, refers to a skilled hacker whose activities fall somewhere between X and Y hackers on a variety of spectrums. • It may relate to whether they sometimes arguably act illegally, though in good will, or to how they disclose vulnerabilities. They usually do not hack for personal gain or have malicious intentions, but may be prepared to technically commit crimes during the course of their technological exploits in order to achieve better security. • X, Y and Z?
  • 46. • X - White hat • Y - Black hat • Z - Grey hat
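
Slide 2's point about salted hashes, worked through as an added example that is not part of the original deck: it stores the same passwords unsalted and salted, then checks what a pre-computed dictionary table can recover from each. The choice of SHA-256 and PBKDF2, the iteration count, and the sample accounts and word list are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample data (not from the deck): a small word list and three
# accounts, two of which share the same weak password.
DICTIONARY = ["123456", "password", "linkedin", "letmein", "qwerty"]
ACCOUNTS = {
    "alice": "linkedin",
    "bob": "linkedin",
    "carol": "correct horse battery staple",
}
ITERATIONS = 100_000  # assumption: raise as far as your login latency allows


def unsalted_hash(password):
    """Weak storage format: one fast digest, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words):
    """Digest -> word, computed once and reusable against any unsalted dump."""
    return {unsalted_hash(w): w for w in words}


def crack_with_table(stored, table):
    """Recover passwords by pure lookup; no per-account hashing is needed."""
    return {user: table[d] for user, d in stored.items() if d in table}


def salted_record(password):
    """Hardened format: random 16-byte per-user salt plus a slow KDF."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, key


def verify(password, record):
    """Re-derive with the stored salt and compare in constant time."""
    salt, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, key)


def guess_salted(stored, words):
    """With salts, every guess must be re-derived for every account."""
    recovered, kdf_calls = {}, 0
    for user, record in stored.items():
        for word in words:
            kdf_calls += 1
            if verify(word, record):
                recovered[user] = word
                break
    return recovered, kdf_calls


def demo():
    table = build_lookup_table(DICTIONARY)
    unsalted = {u: unsalted_hash(p) for u, p in ACCOUNTS.items()}
    salted = {u: salted_record(p) for u, p in ACCOUNTS.items()}
    salted_as_hex = {u: key.hex() for u, (_, key) in salted.items()}
    recovered, kdf_calls = guess_salted(salted, DICTIONARY)
    return {
        "same_unsalted_digest": unsalted["alice"] == unsalted["bob"],
        "table_hits_unsalted": crack_with_table(unsalted, table),
        "same_salted_key": salted["alice"][1] == salted["bob"][1],
        "table_hits_salted": crack_with_table(salted_as_hex, table),
        "per_account_guess_hits": recovered,
        "kdf_calls": kdf_calls,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The salt defeats the pre-computed table and hides the fact that two users share a password, but a weak password is still found by guessing against each account separately, which is why the salt is paired with a deliberately slow key-derivation function.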