FBI : A Parent's Guide to Internet Safety

A must read guide from  The Federal Bureau of Investigation (FBI), an agency of the United States Department of Justice for all the parents in the world, advising & trying to make them understand the complexities of online child exploitation.....please click HERE

Case of Albert Gonzalez : The Largest Online Fraud in U.S. History

1. This case that I recently read in brief pertains to an interesting online fraud case against Albert Gonzalez.I have made it in a sequential point to compress the complete story for easy reading and grasping :

(a) Albert started using computers at an early age, and while in high school, managed to hack into the Government of India's website[ :( ]. Sadly, he was not charged at this stage and only warned to stay away from computers for six months.

(b) At the age of 19, he started his own group of hackers, named ShadowCrew, which trafficked over a million credit card numbers for use in online fraud. When the FBI finally managed to shut the group down, Albert was charged. However, he worked with the investigators and gave away vital information on his cohorts and did not need to serve a sentence. 

(c) Still on,Albert after two years worth of hardwork(????) compromised on sensitive data including 45.6 million credit and debit cards.

(d) TJX Companies notified the authorities of their data leakage. Albert had the abilities to crack and hack his way through, but the low security measures didn't help TJX. Albert was able to install his malware and sniffing software onto the networks of TJX and all the stores operating under them, even outside of the United States. TJX discovered the breach in December of 2006 and was under the belief that they had only been losing data for the past six to seven months, dating back to May 2006. After further investigation, they found that they were losing sensitive data since 2005. Albert had already moved on to bigger and better operations by the time TJX had even started discovering the extent of their security breach.

(e) Gonzalez and his accomplices used SQL injection techniques to create malware backdoors on several corporate systems in order to launch packet sniffing (specifically, ARP Spoofing) attacks which allowed him to steal computer data from internal corporate networks.

(f) During his spree he was said to have thrown himself a $75,000 birthday party and complained about having to count $340,000 by hand after his currency-counting machine broke.(ha ha ha.....wow!!!!anyway)

(g) Gonzalez had three federal indictments:

- May 2008 in New York for the Dave & Busters case (trial schedule September 2009)

- May 2008 in Massachusetts for the TJ Maxx case (trial scheduled early 2010)

- August 2009 in New Jersey in connection with the Heartland Payment case.

(h). On March 25, 2010, Gonzalez was sentenced to 20 years in federal prison.

2. For details of the case with many links please visit HERE

Operation Pay Back & LOIC

A good one to read about the link between Mega D Botnet,Operation Pay Back with the aid of LOIC @ here

Full stop from being tracked online :An attempt from FIREFOX

1.  Firefox is working on a system which will provision web surfers to stop from being tracked online.We all know how  behemoths viz Google,Facebook and a plethora of OWMs use such information to sell targeted adverts and make money without ever asking the consent of the user.Such a move would be welcomed by privacy campaigners who have long complained that Google & Facebook are taking indecorums with the information .Currently these information seeking companies make use of 'cookies' that automatically save themselves onto users computer when they surf the web, and then keep a track of the browsing history.This data is then sold on to advertisers who put highly lucrative targeted ads on the individual's screen, depending on what internet pages they have recently been looking at. 

2.  Vice president of engineering at Mozilla,Mike Shaver,summed up the plan by saying the aim was to "put the user in control but not overwhelm them".And this would not only be a welcome step being used against information thefts but also actually be a booon for users who have been taken on a ride for so long on which they never ever desired to also......

Removing METADATA from JPEG & IMAGE FILES

1.    Invariably we all find various images from the net for our routine use,download them,modify them and use them in our sites and posts....but are we authorised to do so?...coz each jpeg and image file by a digital camera holds info in form of metadata and in few cases...the images may be copy right which may inadvertently rule against the user....so what to do to ensure safe...simple ...remove metadata from the image....but how?...here comes jhead for your help.Read and follow the instructions below :

- Press Start & Run or Windows key + R to open Run menu, type cmd.exe and press OK

- Type cd\     [To reach root directory]

- Type C:\md removemetadata     [To create a new directory by the name removemetadata]

- Type C:\cd removemetadata      [To reach the directory and Copy all pictures whose metadata is to be removed to this directory ]

- Download the program file jhead.exe to C:\removemetadata

- Type cd removemetadata

- To remove all metadata of all JPEG files in "this dir, type: jhead -purejpg * and press enter

- Done

2.    So doing this small,boring but important function will avoid case study like the mumbai case mentioned at an earlier post.

3.    Another easy way is to simply take a screen shot of the image and paste it in paint brush.But this would be cumbersome to do when the images are in bulk quantity.To download JHEAD...click here

Get Paid to Hack GOOGLE

1.    Google has made it official now vide which Google willl pay $500 and $3,133 to people who discover security vulnerabilities in its websites and online applications.......Google calls the program "experimental," but says it gives security researchers new incentives to report Web flaws directly and in real time to Google's security team thereby improving upon zero day exploit matters.

2.    This provisions  Google a chance to fix the vulnerabilities before it is exploited the way it should be. So, in order to qualify, security researchers must privately disclose new flaws to Google first before they go public with their research. Thus depending on the extent and scale of vulnerability made known to google,so will be the prize money awarded....And Google says that participants shouldn't use automated tools to search for flaws

 

MICROSOFT & Failures!!!

1.     For a IT giant like MicroSoft,this would not sync well,but for Microsoft,the year 2010 has seen more of closures of major projects launched with lots of promises and fanfare but somehow unfortunately it did not go the way microsoft desired tooo...and so had to be shut down in the same year....the list goes like this with some details in few lines ....

• February 2010 saw Microsoft announcing discontinuation of "Xbox Live service for original Xbox consoles and games.

• April 2010, Microsoft confirmed stopped working on tablet project, codenamed Courier which was touted to be an Apple iPad rival. 

• September 2010, Microsoft announced that the Windows Live Spaces blogging service will be Terminate gradually in favour of WordPress.com.

• May 2010, Microsoft announced halt on the Response Point phone system. 

• June 2010 saw Microsoft announcing discontinuation its new generation of smartphones.

• September 2010, Microsoft announced closure of Vine, a service built to help keep friends and family in touch during emergencies. 

2.      Thanks TimesofIndia

Mozilla @ Prone again!!!!

1.    Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the appendChild method, incorrect index tracking, and the creation of multiple frames, which triggers memory corruption, as exploited in the wild in October 2010 by the Belmoo malware.

2.    Thanks http://www.us-cert.gov

Bredolab grabs Attention

1.    A 27-year-old Armenian man has been charged as being the mastermind behind the Bredolab botnet, a network of millions of compromised computers worldwide.Main features of this trojan botnet are enumerated below for info : 

• Users of computers with viruses from this network will receive a notice of at the time of next login with information on the degree of infection. 
• Bredolab, known for spreading spam and rogue antivirus, is thought by some experts to have infected at least 30 million computers.
• Spread via drive-by attack websites and spam email attachments.
• Infecting machines with a backdoor that downloads additional malware without the victim's knowledge. 
• Sends out spoofed password reset messages to Facebook users in an attempt to spread malware and infect users of the social network.
• Has the power to obtain information on the user's computer including the ability to copy, change or delete files and other information," 
• Pushdo botnet uses Facebook to spread malicious email attachment: A phony message warns users that their Facebook password has been reset.
• Majority of infections are in the U.S. and the U.K. and many Western European countries.
• Discovered by the Dutch High Tech Crime Team in the late summer.
• Capable of infecting 3 million computers a month. The botnet network used servers hired in the Netherlands from a reseller of LeaseWeb, which is the largest hosting provider in the Netherlands, and one of the largest hosts in Europe.
• Able to constantly change its appearance to avoid detection by traditional antivirus signatures. Like other botnets, the Trojan communicated with the command-and-control server using encrypted messages.

Adobe flash Player hit!!!!

1.    A critical vulnerability has been exposed in Adobe Acrobat 9.4 and earlier 9.x versions for Windows and Macintosh operating systems & Adobe Flash Player 10.1.85.3 and prior versions for Windows, Macintosh, Linux and Solaris operating systems; Adobe Flash Player 10.1.95.2 and earlier versions for Android; and the authplay.dll component .

2.   This exploit (CVE-2010-3654) could cause a crash and provision attacker into the drivers seat to take control of the affected system. 

3.   Adobe has released recommendations of how to avoid becoming a target on the subject matter but is still working in labs to find a fix.....click here for more