Breaking TOR security presentation on Black Hat Cancelled

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-sTbOIWahDc0/U865ZPMEcZI/AAAAAAAADTI/evRQxmGAOgA/s1600/torbreach-650x330.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Black Hat presentation on unmasking TOR, Breaking TOR security presentation on Black Hat Cancelled, Black Hat presentation on TOR has been withdrawn, Talk on cracking Tor cancelled, tor and black hat" border="0" src="http://4.bp.blogspot.com/-sTbOIWahDc0/U865ZPMEcZI/AAAAAAAADTI/evRQxmGAOgA/s1600/torbreach-650x330.jpg" title="Breaking TOR security presentation on Black Hat Cancelled" /></a></div> Two researcher who have <a href="http://www.cyberkendra.com/2014/07/two-hackers-claims-to-break-tor-security.html" target="_blank">claimed to break the security of the TOR</a> anonymity Network in the low budget of $3,000, which was going to demonstrate in the up coming hackers conference Black Hat 2014, had been cancelled.<br /> <br /> The Black Hat organizers recently <a href="https://www.blackhat.com/latestintel/07212014-a-schedule-update.html" target="_blank">announced</a> that a talk entitled “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” by researchers <b>Alexander Volynkin</b> and <b>Michael McCord</b> from Carnegie Mellon University’s Computer Emergency Response Team (CERT) was canceled at the request of the legal counsel of the university’s Software Engineering Institute because it had not been approved for public release.<br /> <div style="text-align: center;"> <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- Nick --> <br /> <ins class="adsbygoogle" data-ad-client="ca-pub-1618281995222563" data-ad-slot="2512029935" style="display: inline-block; height: 60px; width: 468px;"></ins><script> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> <a href="http://www.cyberkendra.com/search/label/TOR%20Network" target="_blank"><b>Tor</b></a>, commonly called The Onion Router, started out as a project of the U.S. Naval Research Laboratory, but is now developed and maintained by a nonprofit organization called The Tor Project. The software allows users to access resources on the Internet masking their real IP (Internet Protocol) addresses, a feature that is uses by both cyber criminals and  those with legitimate interests in preserving their anonymity.<br /> <div> <br /></div> On Monday, <b>Roger Dingledine</b>, a co-founder of the TOR organization, <a href="https://lists.torproject.org/pipermail/tor-talk/2014-July/033954.html" target="_blank">wrote</a> on the mailing list that some of the research materials of researcher <b>Volynkin</b> informally shared with the TOR Projects. TOR Project have not requested for the talk to cancelled - <b>Dingledine </b>added. He says that they have not received any slides or description about the Volynkin research.<br /> <div> <br /></div> <div> Dingledine have appreciated the researcher and encourage research on the Tor network along with responsibledisclosure of all new and interesting attacks. </div> <blockquote class="tr_bq"> Researchers who have told us about bugs in the past have found us pretty helpful in fixing issues, and generally positive to work with - he added</blockquote> </div>

Breaking TOR security presentation on Black Hat Cancelled

Two researcher who have claimed to break the security of the TOR anonymity Network in the low bu...

Read more »

Google Announced Email notification for Webmaster tools Message

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-rkKY_C3DT8c/U86sJkwDblI/AAAAAAAADS4/niz0Z_AvaIs/s1600/BtKo4xQCEAA4uij.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Google Webmaster tools Message , Webmaster tools features, free Webmaster tools , Google SEO guide" border="0" src="http://4.bp.blogspot.com/-rkKY_C3DT8c/U86sJkwDblI/AAAAAAAADS4/niz0Z_AvaIs/s1600/BtKo4xQCEAA4uij.png" title="Google Announced Email notification for Webmaster tools Message " /></a></div> This is a good news for all blogger and Google webmaster tool users, that Google have <a href="https://support.google.com/webmasters/answer/140528" target="_blank">added a new features</a> on it webmaster tool service. Now Google will send a email notification to your associated email about the error that Google finds with your site.<br /> <br /> Whenever Google finds a error with your site, which may be Error in crawling, broken links, spam or optimization issue, you will get the alert message in the inbox of your webmaster account. But now Google will also forward same error message to your associated email accounts also.<br /> <br /> For the setting up the email notification and want to <b>Forward your Webmaster tools message to email</b> just follow below simple steps-<br /> <ol style="text-align: left;"> <li>On the Webmaster Tools home page, click the gear icon <img src="https://storage.googleapis.com/support-kms-prod/SNP_3111921_en_v0" />.</li> <li>Click <b>Webmaster Tools Preferences</b>.</li> <li>In the <b>Forward messages</b>, select the email address you want to use. You can also change the language of the messages you receive.</li> </ol> Google will only display the email addresses associated with your <a href="http://www.google.com/accounts">Google Account</a>. If the email address you want to use is not listed, you should add it to your Google Account.<br /> <b>For Add an email address to your Google Account </b>just follow simple steps-<br /> <ol style="text-align: left;"> <li>Sign in to Google Accounts.</li> <li>Under <b>Personal settings</b>, in the <b>Email addresses</b> section, click <b>Edit</b>.</li> <li>Add your email address.</li> </ol> </div>

Google Announced Email notification for Webmaster tools Message

This is a good news for all blogger and Google webmaster tool users, that Google have added a new...

Read more »

Alleged Windows 9 Screenshot Leaked shows new Start Menu

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://3.bp.blogspot.com/-L1BEFiHuknc/U83helxv-GI/AAAAAAAADSo/_oOD1ruKKl8/s1600/windows9leak1-640x480.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Windows 9, Download windows 9, Free download Windows 9, Windows 9 leaked" border="0" src="http://3.bp.blogspot.com/-L1BEFiHuknc/U83helxv-GI/AAAAAAAADSo/_oOD1ruKKl8/s1600/windows9leak1-640x480.jpg" title="Alleged Windows 9 Screenshot Leaked" /></a></div> It is confirmed that Microsoft is working with the next upcoming version of the Windows operating system, which may be Windows 9. And in the coming version of Windows, Microsoft will have some new features and looks for it. It is been rumor that Microsoft is giving a UI flat design and Metro style in Start Menu.<br /> <br /> According to the recent <a href="http://www.myce.com/news/new-threshold-screenshots-show-start-menu-and-windowed-apps-72259/" target="_blank">leaks screenshots</a> of the latest windows developing version which shows build Windows 8.1 pro, which may be <a href="http://www.cyberkendra.com/2014/01/microsoft-reportedly-planning-windows-9.html" target="_blank">Windows 9 can be release next year</a>.<br /> <br /> The <a href="http://www.cyberkendra.com/2013/04/some-looks-of-upcoming-window-9.html" target="_blank">leak Screenshots</a> confirm about the metro style of the Start menu, and operating system have flat UI designed. It is being says that one new feature that Microsoft could be implementing could be <b><a href="http://www.cyberkendra.com/2014/04/cortana-microsoft-virtual-assistant-for.html" target="_blank">Cortana</a></b> which would see the Windows Phone voice assistant brought onto PCs.<br /> <br /> Microsoft is expected to<a href="http://www.cyberkendra.com/2014/05/leaked-image-revealed-windows-9-and.html" target="_blank"> release latest Windows</a> "Threshold" in early 2015, alongside improvements to the Xbox One operating system and a combined version of Windows Phone and Windows RT. The combination of Windows RT and Windows Phone will finally drop the desktop mode, and focus on "Metro-style" apps over traditional x86 desktop applications.</div>

Alleged Windows 9 Screenshot Leaked shows new Start Menu

It is confirmed that Microsoft is working with the next upcoming version of the Windows operating...

Read more »

Vodafone India Official Twitter account Hacked

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://2.bp.blogspot.com/-Iwoo3xVWx7Q/U83bVUihrII/AAAAAAAADSY/8ov0hodKrao/s1600/vodafone-twitter-hack7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Vodafone India, twitter account hacked, phishing attack" border="0" src="http://2.bp.blogspot.com/-Iwoo3xVWx7Q/U83bVUihrII/AAAAAAAADSY/8ov0hodKrao/s1600/vodafone-twitter-hack7.png" title="Vodafone Official Twitter account Hacked" /></a></div> Last weekend. the official twitter account of Vodafone Indian (@vodafoneIN) have been hacked by the unknown hacker. With the compromised account hacker have posted some inappropriate tweets and message to its followers.<br /> <br /> Vodafone Twitter account is a verified account, having the more then 195k followers. This if the hackers have post some phishy link or some malicious link then there would be number of users get the victim. But hacker have just posted the inappropriate text continuously.<br /> <br /> The tweet message reads as-<br /> <blockquote class="tr_bq"> @Alejopxiis Hey this Horny chick on KIK wants to chat with you ;) her username is kizzydreamz2</blockquote> The spam tweets was last for more than two hours before the Vodafone twitter handler came to notice about the compromised. But within these two hours thousands of its followers have started making fun with the Vodafone India, and comments some kickout tweets.<br /> <br /> After gaining back the twitter account Vodafone India have confirmed about the hack and deleted all the spam tweets.<br /> <div style="text-align: center;"> <blockquote class="twitter-tweet" lang="en"> Earlier today, our Twitter account was briefly compromised & some inappropriate messages were sent. These comments have been removed. (1/2)<br /> — Vodafone India (@VodafoneIN) <a href="https://twitter.com/VodafoneIN/statuses/490854480775098368">July 20, 2014</a></blockquote> <script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script></div> <div style="text-align: center;"> <blockquote class="twitter-tweet" lang="en"> We assure you that our customer service is happy to help as always on any service related queries. (2/2)<br /> — Vodafone India (@VodafoneIN) <a href="https://twitter.com/VodafoneIN/statuses/490854532948049920">July 20, 2014</a></blockquote> <script async="" charset="utf-8" src="//platform.twitter.com/widgets.js"></script></div> This is not been cleared that how hackers have managed to gain access to the twitter account, but there may be a chance of weak password or a phishing attack could be the  reason of hack. </div>

Vodafone India Official Twitter account Hacked

Last weekend. the official twitter account of Vodafone Indian (@vodafoneIN) have been hacked by t...

Read more »

Researcher Identifies Suspicious 'backdoors' Running on Every iOS Device

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-Opd7LWCy-Yo/U81gRoTVtdI/AAAAAAAADSI/e6De9OQFikA/s1600/Apple-Logo11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Apple backdoor, Apple iOS spying, ioS hacked, Apple ios backdoor" border="0" src="http://4.bp.blogspot.com/-Opd7LWCy-Yo/U81gRoTVtdI/AAAAAAAADSI/e6De9OQFikA/s1600/Apple-Logo11.png" title="Researcher Identifies Suspicious 'backdoors' Running on Every iOS Device" /></a></div> Researcher <a href="http://www.zdziarski.com/blog/">Jonathan Zdziarski</a>, who is also a forensic scientist and author have identifies that there are many <b>hidden service in Apple iOS device</b> that are being used to <b>bypass the backup encryption on iOS device</b>, and with a backdoor also. On the <a href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms.pdf" target="_blank">Slide/ paper</a> that he published at the <a href="http://www.hope.net/">Hackers On Planet Earth</a> (HOPE/X) conference in New York called Identifying Backdoors, Attack Points, and Surveillance Mechanisms in iOS Devices reveals many undocumented and hidden features and services on Apple iOS device.<br /> <br /> <span style="font-size: large;"><b>Who is Zdziarski</b></span><br /> Zdziarski, also known as the hacker "NerveGas" in the iPhone development community, worked as dev-team member on many of the early iOS jailbreaks and is the author of five iOS-related O’Reilly books including "Hacking and Securing iOS Applications."<br /> <div> Zdziarski found that there are many service on the iOS device which don't have any reason to be on the device and several such service have the ability to bypass the iOS backup encryption. </div> <div style="text-align: center;"> <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- Nick --> <br /> <ins class="adsbygoogle" data-ad-client="ca-pub-1618281995222563" data-ad-slot="2512029935" style="display: inline-block; height: 60px; width: 468px;"></ins><script> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> <div> <span style="font-size: large;"><b>file_relay Backdoor</b></span>  </div> <div> One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.</div> <div> <br /></div> <div> <span style="font-size: large;"><b>HTTP Packet Capturing</b></span></div> <div> Moreover, Zdziarski have designed several methods to get the forensic data from iOS device, have also noted that there is a packet capturing tool present in every of the iOS device. This tool dump all the inbound and outbound HTTP data of device and it run silently in backgrounds without the prior notice of users. </div> <div> <br /></div> <div> There is an another tool called file_relay, which have the ability to dump a list of email and social media accounts and the address book which contains screenshots , keyboard typing cache, copy paste data and other personal data too. The tool can also provide a log of periodic location snapshots from the device.</div> <div> <br /> Undocumented iOS services exposed by Zdziarski (like "lockdownd," "pcapd" and "mobile.file_relay") can bypass encrypted backups and be accessed via USB, wifi and "maybe cellular." Most suspicious about the undocumented services is that they're not referenced in any Apple software.</div> <div> <div style="text-align: center;"> <script type="text/javascript"><!-- google_ad_client = "ca-pub-1618281995222563"; /* Likes */ google_ad_slot = "7085300730"; google_ad_width = 468; google_ad_height = 15; //--> </script> <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"> </script></div> </div> <div> In the last slides of the <a href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms.pdf" target="_blank">published PDF</a>, points that</div> <ul style="text-align: left;"> <li>Apple is dishing out a lot of data behind users backs</li> <li>It’s a violation of the customer’s trust and privacy to bypass backup encryption</li> <li>There is no valid excuse to leak personal data or allow packet sniffing without the user’s knowledge and permission.</li> <li>Much of this data simply should never come off the phone, even during a backup.</li> <li>Apple has added many conveniences for enterprises that make tasty attack points for .gov and criminals</li> </ul> <div> Researcher says that some of the undocumented service is similar to the <a href="http://www.cyberkendra.com/2014/01/DROPOUTJEEP-NSA-Apple-iPhone-hacking-tool.html" target="_blank">NSA tool DROPOUTJEEP</a> , which was reveal by the Edward Snowden leaks. </div> <div> <br /></div> <div> <span style="font-size: large;"><b>Users to Follow</b></span></div> <div> For the security concerns Zdziarski recommend several points as like </div> <div> <ul style="text-align: left;"> <li>Users have to set the complex password </li> <li>Aked to install the Apple Configurator application</li> <li>set enterprise Mobile Device Management (MDM) restrictions on your device</li> </ul> <div> At this time Apple have not commented anything about this reveals, but as we get further details on this will update the post.</div> </div> </div>

Researcher Identifies Suspicious 'backdoors' Running on Every iOS Device

Researcher Jonathan Zdziarski , who is also a forensic scientist and author have identifies that ...

Read more »

NASDAQ System hacked through two Zeroday Vulnerability

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://3.bp.blogspot.com/-i3uyeJNxRqU/U80tAHjRn6I/AAAAAAAADR4/FNt8-8Jx_Ko/s1600/Nasdaq-Futures1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="NASDAQ hacked, How NASDAQ hacked, NASDAQ zeroday, facebook and NASDAQ " border="0" src="http://3.bp.blogspot.com/-i3uyeJNxRqU/U80tAHjRn6I/AAAAAAAADR4/FNt8-8Jx_Ko/s1600/Nasdaq-Futures1.jpg" title="NASDAQ System hacked through two Zeroday Vulnerability" /></a></div> Four years ago, Russian hackers have hacked into the system of  NASDAQ stock exchange, which have caused several damaged to the sock market and also brought down the entire financial structure of United State. And after the fours years, FBI team and investigator of this incident haven't identified the hackers behind it. But sources says that the attacker was not a teen or a student, but it may be the intelligence agency of other countries.<br /> <br /> After successfully exploiting the NASDAQ server, hackers have used a malware into the attack, which have the capability to extract data from the systems and carry out surveillance as well. However researcher says that the malware was designed to infect the wide spread system of the NASDAQ.<br /> <div style="text-align: center;"> <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- Nick --> <br /> <ins class="adsbygoogle" data-ad-client="ca-pub-1618281995222563" data-ad-slot="2512029935" style="display: inline-block; height: 60px; width: 468px;"></ins><script> (adsbygoogle = window.adsbygoogle || []).push({}); </script> </div> According to the<a href="http://www.businessweek.com/articles/2014-07-17/how-russian-hackers-stole-the-nasdaq#p2" target="_blank"> recent reports  by the Businessweek</a>, reveals that the attack was carried out by leveraging two zero-day vulnerabilities, which allowed the intruders to insert malicious code into the systems of Nasdaq and have access to them for at least three months prior to the detection of the attack.<br /> <br /> The report of the compromise was already given to NASDAQ, but had neglected the issue. After that National Security Agecy (NSA) were called to investigate the hack incident. After the five months of investigation by FBI , NSA and CIA, it was uncovered that the malware used two unnamed Zero-day security flaws, for which there were no patches existed. <br /> <br /> NSA point out that the code of the malware was similar to the malware previously used by the Russia’s espionage agency Russian Federal Security Service. It appears that the ability of the malware is simple spying on the financial activity of the NASDAQ.<br /> <div> <br /></div> Forensic investigator of the hack incidents says that NASDAQ system had a poor security and thus highly vulnerable to the hackers attacks. The investigator also founds evidence  that several outside group have access to the NASDAQ information, but who are they, is not been clear.<br /> <div> <br /></div> <blockquote class="tr_bq"> Bloomberg reports that one of the forensic investigators referred to the Nasdaq’s systems as “the dirty swamp,” because very few records were available that would have revealed daily activities on the servers and would have helped retrace the steps of the intruders.</blockquote> <br /> Nasdaq spokesperson says that the malware did not reach the stock exchange, as originally stated in the cover story headline. "The events of four years ago, while sensationalized by Businessweek, only confirmed what we have said historically: that none of Nasdaq's trading platforms or engines were ever compromised, and no evidence of exfiltration exists from directors' desks," said NASDAQ spokesman Ryan Wells. <br /> <div> <br /></div> <div> The investors also reveals that attacker have not attacked into the other financial business system, as attacker can easily expand its attack with exploiting same vulnerability on other business system too. </div> </div>

NASDAQ System hacked through two Zeroday Vulnerability

Four years ago, Russian hackers have hacked into the system of  NASDAQ stock exchange, which have...

Read more »

Wall Street Journal Facebook Page Hacked by Unknown Hacker

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://1.bp.blogspot.com/-BMfTgYyicaI/U8viCDS6JuI/AAAAAAAADRY/Bjv08VTYrws/s1600/10530752_10152616261228128_2260167385750127595_n.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="WSJ hacked, facebook page hacked, hackers hacked WSJ" border="0" src="http://1.bp.blogspot.com/-BMfTgYyicaI/U8viCDS6JuI/AAAAAAAADRY/Bjv08VTYrws/s1600/10530752_10152616261228128_2260167385750127595_n.jpg" title="Wall Street Journal Facebook Page Hacked by Unknown Hacker" /></a></div> An unknown hacker have hacked the American based media "Wall Street Journal" Facebook page and posted  crash reports of Air Force One. On the same region here Malaysian MH17 shooted down. As the Facebook page of WSJ is actively popular, readers had took the news seriously as the Air Force One ferries the President of United States of America. <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="http://4.bp.blogspot.com/-U4_9NIgwARc/U8viHwUYRiI/AAAAAAAADRg/Y9pz_gUnp6s/s1600/2nR5eFQ.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="" border="0" src="http://4.bp.blogspot.com/-U4_9NIgwARc/U8viHwUYRiI/AAAAAAAADRg/Y9pz_gUnp6s/s1600/2nR5eFQ.png" title="fake news of reports of Air Force One - WSJ" /></a></div> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="http://3.bp.blogspot.com/-WqgIWh311Uk/U8viH6wALUI/AAAAAAAADRk/A0BOc8nLBvE/s1600/Untitled.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="" border="0" src="http://3.bp.blogspot.com/-WqgIWh311Uk/U8viH6wALUI/AAAAAAAADRk/A0BOc8nLBvE/s1600/Untitled.png" title="news of Vice President Joe Biden" /></a></div> <div style="text-align: center;"> <br /></div> After some time (about 15 minutes) of the first post, hackers have also posted the news of Vice President Joe Biden addressing the nation (USA) in 15 minutes. With this news readers were confused too. The Air Force One is the official air traffic control call sign of a United States Air Force aircraft carrying the President of the United States. In layman terms it refers to the Air Force aircraft specifically designed, built, and used for the purpose of transporting the president.<br /> <br /> After some minutes of the hackers post, Wall Street Journal have confirmed that their Page have been compromised and says all the post were fake. As there were no such damaged caused as non of the major  media have carried such news on the topic.<br /> <div style="text-align: center;"> <div id="fb-root"> </div> <script>(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/all.js#xfbml=1"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));</script> <div class="fb-post" data-href="https://www.facebook.com/wsj/posts/10152643597478128" data-width="466"> <div class="fb-xfbml-parse-ignore"> <a href="https://www.facebook.com/wsj/posts/10152643597478128">Post</a> by <a href="https://www.facebook.com/wsj">The Wall Street Journal</a>.</div> </div> </div> On the apologize post, Wall Street Journal have got tonnes of the comments of their security and one of the member also comment for keeping the password as simple as "newyorktimes".<br /> <br /> This shows that how a social media can make change or bring changes on our daily life. It was good that attacker have not used or post any spam link, which targets Wall Street Journal readers. As page is much popular with the 2.8 millions of likes and with the 135,000 of daily active users, attacker can easily get the tonnes of the victims.<br /> <br /></div>

Wall Street Journal Facebook Page Hacked by Unknown Hacker

An unknown hacker have hacked the American based media "Wall Street Journal" Facebook p...

Read more »

Kim Dotcom's Mega Blocked by Italian Court

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://2.bp.blogspot.com/-fmHUy5juBDQ/U8s4A2592UI/AAAAAAAADRI/PWxjBAzhtes/s1600/2012121027mega.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Mega blocked, Mega Banned, Dotcom's mega seized" border="0" src="http://2.bp.blogspot.com/-fmHUy5juBDQ/U8s4A2592UI/AAAAAAAADRI/PWxjBAzhtes/s1600/2012121027mega.jpg" title="Kim Dotcom's Mega Blocked by Italian Court" /></a></div> The Italian judges seems to be very strict on piracy concerns, as Italian court have ordered to ban Kim Dotcom's Mega over the country. With the so many of the serious <a href="http://www.cyberkendra.com/search/label/Censored" target="_blank">censorship</a> taken against torrents site, now Italian court have censored Dotcom's new project Mega. Mega helps in distribution of the pirated movies over the internet.<br /> <br /> After the seized of its earlier biggest hosting Mega Cloud, Kim Dotcom's have recently<a href="http://www.cyberkendra.com/2013/01/mega-dot-com-launched.html" target="_blank"> started a new project called Mega</a>. It seems that many of the countries authority is still watching Mega for the Piracy concerns.<br /> <div style="text-align: center;"> <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- Nick --> <br /> <ins class="adsbygoogle" data-ad-client="ca-pub-1618281995222563" data-ad-slot="2512029935" style="display: inline-block; height: 60px; width: 468px;"></ins><script> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> The order for the ban has been taken after a small independent movie distributor in Italy, Eyemoon Pictures, complained to the judges that two of its movies, “The Congress” and “Fruitvale Station” were being distributed on the platform before the films even hit cinemas, <a href="http://torrentfreak.com/dotcoms-mega-blocked-italy-piracy-concerns-140719/">TorrentFreak</a> reports. <br /> <br /> On this issue Mega's lawyer says that this is disproportionate, as just of two movies whole service has been ban over the country. As after the upload of the movie files, Mega have filed a takedown notice, and Mega itself have removed the content without going through the court of law.<br /> <br /> Mega says that it would appeal the court for the ban, as there are still many was for Iranians users to use the service after the ban. Users can use <a href="http://www.cyberkendra.com/2014/03/google-public-dns-server-hijacked.html" target="_blank">Google public DNS</a> or can use VPN service to bypass the ban.<br /> <br /> With the ban of Mega, another banned site was the Russian-based email service Mail.Ru, which amounts to yet another inexplicable decision.<br /> <br /> Along with this the Court of Rome has issued a nation-wide block of two dozen sites that facilitated the distribution of pirated movies. You can <a href="http://censura.bofh.it/elenchi.html" target="_blank">check the list of the domains</a> that were ordered to block.<br /> <div> <br /></div> </div>

Kim Dotcom's Mega Blocked by Italian Court

The Italian judges seems to be very strict on piracy concerns, as Italian court have ordered to b...

Read more »

Critroni, crypto ransomware using Tor Network for Command and Control

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="http://2.bp.blogspot.com/--mSwo53lfqE/U8qx7KK3jEI/AAAAAAAADQ4/SVx-VnnLt9c/s1600/ransomware-161113+(1).jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="http://2.bp.blogspot.com/--mSwo53lfqE/U8qx7KK3jEI/AAAAAAAADQ4/SVx-VnnLt9c/s1600/ransomware-161113+(1).jpg" /></a></div> Another new crypto <a href="http://www.cyberkendra.com/search?q=ransomware" target="_blank">ransomware</a> know as <b>Critroni </b>is being sold in underground forums from last month or so and is now being dropped by the Angler exploit kit. This ransomware have some unique features that researcher have not seen on earlier crypto ransomware. The most interesting features of <b>Critroni ransomware is that it uses TOR network for command and control</b>.<br /> <br /> The attack of ransomware malware have been active from last year, and we have seen many of the ransomware incidents, specially the Crypto Locker. As CryptoLocker have the ability to encrypt all the files and data on the infected computers and ask <a href="http://www.cyberkendra.com/search?q=ransomware" target="_blank">ransomware</a> in order to unlock it.<br /> <div style="text-align: center;"> <script async="" src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script> <!-- Nick --> <br /> <ins class="adsbygoogle" data-ad-client="ca-pub-1618281995222563" data-ad-slot="2512029935" style="display: inline-block; height: 60px; width: 468px;"></ins><script> (adsbygoogle = window.adsbygoogle || []).push({}); </script></div> <span style="font-size: large;"><b>Details of Critroni Ransomware</b></span><br /> Currently Critroni ransomware is selling for $3,000 in underground forums and researchers says that it is using by numbers of attackers. Many of the attacker is using Angler exploit Kit to spread the spambot on the victim machine. The Spambot then downloads couples of other payloads and with Critroni into the victim machine. Critroni is currently available in English and Russian language, so these language relating countries have more number of infected users.<br /> <br /> <span style="font-size: large;"><b>How it works</b></span><br /> According to the French security researcher who uses the handle <b>Kafeine</b>, is <a href="http://malware.dontneedcoffee.com/2014/07/ctb-locker.html" target="_blank">analyzing the  threats</a>, the a users get infected by Critroni ransomware, it encrypts all the files and data (such as doc files, videos, photos ) of the infected computer. After that is display the dialog box informing the users about the infection and demands a ransom in Bitcoin in order to decrypt the files. Critroni gives 72 hours to the users to pay. Additionally, for those users who don't have bitcoins, Critroni ransomware provides a helpful tips on how to get the Bitcoins.<br /> <br /> As already says, Critroni ransomware unique features is that, it uses <a href="http://www.cyberkendra.com/search?q=TOR" target="_blank">TOR hidden network</a> for the command and control, which is been not seen in any of the earlier crypto ransomware.<br /> <br /> “It uses C2 hidden in the Tor network. Previously we haven’t seen cryptomalware having C2 in Tor. Only banking trojans,” said Fedor Sinitsyn, senior malware analyst at Kaspersky Lab, who has been researching this threat. “Executable code for establishing Tor connection is embedded in the malware’s body. Previously the malware of this type, this was usually accomplished with a Tor.exe file. Embedding Tor functions in the malware’s body is a more difficult task from the programming point of view, but it has some profits, because it helps to avoid detection, and it is more efficient in general.”<br /> <div> <br /></div> <div> Kaspersky Lab is working on Critroni and they have <b>named the ransomware as Onion Ransomware.</b> Kaspersky says that, the research paper will be public in next weeks. So coming week we can have more information about the Critroni ransomware.</div> <div> <br /></div> <div> <span style="font-size: large;"><b>Payment Process</b></span></div> Critroni is nicknamed CTB-Locker, for Curve/Tor/Bitcoin. If a victim’s infected machine can’t connect to the attacker’s server in order to send the Bitcoin payment, the ransomware provides instructions for him to go to another PC and download the Tor browser bundle and then connect to the attacker’s Tor server to complete the transaction.</div>

Critroni, crypto ransomware using Tor Network for Command and Control

Another new crypto ransomware know as Critroni is being sold in underground forums from last mo...

Read more »