New Virus In Android Phone Can Steal Passwords

According to Times of India Cyber security has alerted about the infectious Trojan virus which attacks Android-based smart phone users. This virus is named as “AndroidSmssend” and it can acquire as many as four aliases to hoodwink the user and perpetrate its destructive activities on a personal Android enabled phone.

Android/SmsSend is a premium service abuser family malware that arrives bundled with legitimate Android applications and infects Android based smart phones.

“Once infected, it sends text messages (typically with a link to itself or a different threat) to a specific number, typically to numbers on the contact list and is also capable to send SMS to premium rate numbers,” the Computer Emergency Response Team of India (CERT-In) said in its latest advisory to Android phone users in the country.

The virus is so notorious, the agency said, that it “steals contacts and pictures, tracks the location, steals passwords, illegally accesses text messages, crashes a complete system, steals personal banking information when logged in, installs other sort of spyware and disables firewall and anti-virus program to defend itself.”

“Do not download and install applications from untrusted sources, install applications downloaded from reputed application market only, run a full system scan on device with mobile security solution or mobile anti-virus solution, check for the permissions required by an application before installing, exercise caution while visiting trusted/untrusted sites for clicking links, install Android updates and patches and use device encryption or encrypting external SD card feature available with most of the android OS (operating system),” it said.

And also, avoid using unsecured, unknown Wi-Fi networks and make a practice of taking regular backup of the Android device, the advisory said.

Appin Ara

Russian hackers read Barack Obama's emails during White House cyber-attack

Russian hackers were able to read the confidential email correspondence of US President Barack Obama during a cyber attack on the White House.

The attack on the White House email system was first reported back in October but at the time officials claimed it was not a big deal and only affected unclassified content. Now however a report in the New York Times quoting sources within the Obama regime suggests the breach was "far more intrusive and worrisome than has been publicly acknowledged".

On 22 April, security company Kaspersky Lab revealed details of the group behind the attack - a group of hackers known as CozyDuke - revealing the social engineering methods used to breach the White House systems.

While Kaspersky didn't go so far as to point the finger of blame at any one state, there was a lot of corroborating evidence which strongly suggested that the Russian government was involved in the attack.

Earlier in April, White House officials admitted that the hackers had gotten access to President Obama's schedule, which, while not classified is still highly sensitive information, seen as highly prized by foreign intelligence agencies.

The latest report suggests the hackers were not able to access the well-guarded servers which contain messages sent by Obama's BlackBerry - which he always carries with him - but they were able to access accounts which contained email correspondence of people with whom Obama communicated regularly.

"From those accounts, they reached emails that the president had sent and received, according to officials briefed on the investigation," the New York Times report says.

Particularly worrisome

It is unsurprising that the White House email systems would be a major target for hackers, but the strong indication that this is the work of Russian hackers will be hugely controversial.

Calling it "one of the most sophisticated attacks" they have seen on its network, a senior White House official added: "It's the Russian angle to this that's particularly worrisome".

Obama or his officials have been surprisingly reticent to point the finger of blame for the attack on the White House, refusing to publicly discuss the findings of its investigations.

In recent months the White House and Obama have not been shy about pointing the finger of blame when it comes to state-sponsored cyber attacks against the US. Back in May, 2014 the US government charged five Chinese military officials with carrying out cyber attacks against six US companies.

Earlier this year Obama authorised new sanctions against North Korea after the White House publicly backed claims that the dictatorship was behind a devastating cyberattack on Sony Pictures.

Spear phishing

According to the Kasper sky Lab report, the CozyDuke group goes after "blatantly sensitive high profile victims and targets" utilizing "evolving crypt and anti-detection capabilities".

The main attack vector was spear phishing campaigns some of which contain links to high profile, legitimate websites such as "diplomacy.pl" which hosted a Zip archive.

Once downloaded the extracted Zip archive contains a file which installs the malware as well as a decoy file showing an empty PDF.

Another "highly successful" attack saw the hackers send a phone flash videos attached to the phishing emails, one of which was a video called "Office Monkeys LOL Video.zip". When the victim clicks on the link the video plays, but in the background the malware is installed on the system.

Appin, Ara

About Hacking? Why we need Security?

About Hacking....

In the truest sense of the word, a "hacker" is a dedicated programming expert who believes in sharing his expertise and experiences with other hackers. A hacker does not believe in vandalizing or maliciously destroying data, or in stealing data of any kind. A "cracker" is a cyber burglar or vandal - an individual or group intent on causing malicious harm to a network or computer, or to steal information beneficial to themselves like passwords, credit card numbers and the like. For ease of use, the term "hacker" is used here to refer to either a hacker or cracker, as someone who enters or tries to enter your computer or network without authorization. In other words Hackers are people who try to gain unauthorised access to your computer. This is normally done through the use of a 'backdoor' program installed on your machine. You can protect yourself from these by using a firewall and a good up-to-date anti-virus program.

Why we need Security....

In the ever changing world of global data communications, inexpensive Internet connections, and fast-paced software development, security is becoming more and more of an issue. Security is now a basic requirement because global computing is inherently insecure. As your data goes from point A to point B on the Internet, for example, it may pass through several other points along the way, giving other users the opportunity to intercept, and even alter it. It does nothing to protect your data center, other servers in your network, or a malicious user with physical access to your EnGarde system.

Security is about defense in depth. Providing physical security as well as a well-designed network, control over the users and processes on the host itself, and regular maintenance can go a long way towards providing good security.

In the most basic sense, a system is secure if it does what it's supposed to do, even if its users attempt to do something they're not supposed to do. It protects the information stored in it from being modified either maliciously or accidentally or read or modified by unauthorized users.

Consider the security of your household. Perhaps you have an alarm system, but does it work if the intruder cuts the system power? Security involves trade offs. How much is your data worth? Does it make sense to protect your system with the level of security you might find protecting Fort Knox, or would that cost more than the data itself? Guardian Digital provides an extremely functional e-commerce server, while still retaining all the reliability, configuration, and availability you have come to expect with the Linux operating system.