Motley cabal of online hacker and librarians. All about online hacking and more ...

Posts in category Online hacking

Computer Forensics to Counter Online Hacking and other Cybercrimes

Sep15
2011 Leave a Comment Written by blogadmin

Online hacking has become the bane of any business that has a presence online. However, the threat posed by online hacking is but a small part of the unfolding scenario. There are so many possibilities of different kinds of electronic attacks that may harm a business in myriad forms, from crippling data systems to stealing top-secret business relevant data.

A New Way to Fight Online Hacking

Computer forensics is a specialized branch of computer security and much like the police forensic specialists who investigate a crime scene, digital forensic experts examine a online hacking break-in or security compromise incident for clues that might point to the perpetrator or at least to the method used, so as to avoid any hacker using the same online hacking method or other modus operandi in the future.

Countering Hacking with Computer ForensicsBefore you call in the cavalry, however, there are some things you need to know. When it comes to security compromises — as a result of online hacking or otherwise — in the corporate world, there’s no if; there’s only the when and the how bad. Trying to control the when is only a matter of delaying the inevitable, but you can control the latter by being a little careful.

The Enemy Within

Security compromises need not always be by access from a remote location. Employees who recently left are a big security risk simply for the fact that they can gain access to the building on some pretext or the other; chances are that they’d still be carrying a pass-card that the folks in IT forgot to render invalid. Then again, there’s not much you can do about the employees who actually are working for you; strict information security policies can act as a deterrent, but only so far. You could tell yourself that you should have done a better job by hiring ethically sound people, but is there really a reliable way to test one’s moral fiber? In a large concern especially, there’s no knowing where a compromise attempt will come from.

That is why, while it is all very well to invest in building as online hacking proof a system as possible, it is equally crucial to pay attention when the security policies and related legal issues are revised. That will help you learn tidbits regarding post-incident what-to-dos regarding damage control once the system has been compromised. Keeping track of online hacking news and developments also helps. Also, this is where the science of computer forensics comes in.

Defining Computer Forensics

A textbook definition of computer forensics is: the maintenance, classification, retrieval, analysis, and documentation of computer evidence. Some authoritative works on the digital forensics define it as the scientific collection, scrutiny, and maintenance of data contained in electronic media whose information can be admissible as evidence in a court of law. This last rider of the evidence being usable in a court of law adds certain technicalities to the mix: the collection part being particularly dicey as there are a lot of ways of gathering electronic data that may amount to illegal (or unauthorized) surveillance and intrusion of privacy, wiretaps being an example.

Ethically and legally speaking, there’s a very thin line that separates computer forensic investigations from criminally motivated online hacking, and the former have to tread that line with utmost care.

Posted in Ethical Hacking, Hacking News - Tagged , , , , ,

Ethical Hacking: Think Like a Hacker

Aug03
2011 Leave a Comment Written by blogadmin

Ethical Hacking: A Contradiction Unto Itself?

There are those of you for whom the term ‘ethical hacking’ is an oxymoron. Hollywood and pop culture stereotypes have made sure that any ‘hacking’ activity is seen as negative and even criminally motivated. Well, it is true that hacking is, fundamentally, taking advantage of unprotected or weakly guarded sites or systems. It is equally true that this can be used to the hacker’s advantage for personal gain, often at the cost of others. It is these criminal-minded, often pointlessly destructive individuals who’re frequently referred to as hackers which, though technically incorrect, should be persisted with now if we are to even begin defining what ethical hacking is all about. So, it is already pretty clear that hackers (the criminal sort, anyway) can be a real menace due to the fact that they’re expert programmers, something that makes them superhuman as long as they have a computer close by.

Enter the Good Guys: Ethical Hacking

Ethical Hacking

Ethical Hackers: Detectives for the Information Age

Because of these super-powered villains, others (often companies,) who want to strengthen the protection of their online systems turn to professionals for help. These professional hackers (the good guys, sometimes known as “white hats,”) use an ethical hacking style to help build a stronger defense against real hacking threats. By purposely “attacking” the system, they can quickly discover its security holes, and then begin to come up with ways to stall, avoid or eliminate the hacking attacks of the sinister sort.

So let’s put this charade aside now, for you can now see that not all hacks are bad. However, for the sake of convenience, we’d still have to use the same terminology to distinguish ethical hackers from the harmful hacking (dubbed ‘cracking’ in the elite world of super-programmers). The act of hacking ethically into a system in order to expose possible weak points, ones that real hackers, or “black hats” (due to less savory intentions) can exploit, can help prevent the company from loss of earnings or reputation. Indeed, a lot of companies are now employing the skills of those who can perform this task because they understand that the only way to fight against skilled hackers is with another skilled albeit ethical hacking specialist of their own!

Ethical Hacking: Set a Thief to Catch a Thief?

Well, not always. But considering that ethical hacking modus operandi comprises of breaking into online systems, the likelihood of the really good white hats being hired professionals who have made their bones as black hat hackers. But it’s not always so cloak and dagger; those with a strong proficiency in computer programming can be trained to carry out these services and a fair number of white hat hackers actually are full-time employees of the company who have the desired level of skill.

So long as your actions have been approved by the company that owns the system you break into, whatever mayhem you create during the hacking process will entirely benefit that company provided they follow up and eliminate those weaknesses exposed by you.

Ethical Hacking in a Nutshell

This is not about good or bad hackers, white hats or black hats; ultimately it is about the good of the company, and the safety of sensitive data they have. If you had a rather shady past but have since gotten over your rebel streak and decided to work for the system rather than against it, you will be highly sought after for the services you can now provide.

Ethical hacking is all about getting results when it comes to shielding online systems against break-ins, malicious attacks and date theft. You are concerned only with keeping the assets and interests safe, and only by thinking and acting like a true hacker can this be achieved.

Without a doubt, this is a smart way to safeguard your information assets against online threats. If you’re a company, do not hesitate to employ a white-hat hacker, as they are armed with the requisite level of knowledge and skills to counter a threat from another hacker. On the other hand, if you’re involved in hacking yourself, and would be willing to consider a career on the right side of the law, ethical hacking beckons.

Posted in Ethical Hacking - Tagged , , , ,

Aussies Worried About Phone Hacking

Jul25
2011 Written by blogadmin

A new study has found that people are increasingly concerned about hacking the phone in Australia because of revelations in a British newspaper owned by Rupert Murdoch.

The survey week Essentials Online Research found that 51 percent of respondents are concerned about the phone hacking scandal after news the world has not existed since the British newspaper.

Only five per cent of the 1053 respondents said they were less concerned.

Half of the respondents also said the federal government should not allow one company to own the majority of Australia’s major newspapers.

Mr Murdoch’s group owns the Australian, Herald Sun, Daily Telegraph and Courier Mail mastheads.

Forty-eight percent also supported the need for more regulation of the media, against only six percent who said that there should be less, while 31 percent think current legislation was on the right.

Posted in Hacking News - Tagged ,

Washington Post Website Jobs Section Hacked

Jul16
2011 Written by blogadmin

Hackers last month, the exploitation of jobs maintained by the Washington Post Co., the site aims to touch more than one million user names and e-mail.

In an e-mail Wednesday night, a media company that informs the user of the online jobs that the Board of Directors by a third party had made a number of user names and email addresses for more than two separate events in June. No password or other personal information was accessed according to the company.

The incident affected about 1.27 million user IDs and email addresses. Washington Post said it was investigating the attack to the police and conducting an audit of your workplace.

The attack follows a theft of online travel companies and governments run around the world. Earlier this week, a group of hackers claim to have cleared the 74 sites of the Turkish government. Online Hackers have attacked Sony Corp., the U.S. Senate and AT & T Inc., among others.

Posted in Hacking News - Tagged , ,

Protect Yourself From Hackers, Experts Advise Young People

Jul11
2011 Written by blogadmin

Young people should be aware of ways to protect their identity on the Internet as a threat of violation of privacy is increasing and more and more cases of crimes reported, experts from IIT Kanpur said Saturday.

Internet security experts, including Gaurav Sharma and Tarun Bansal, for students and professionals in a seminar in Bharti Mandapam here.

“As companies increasingly go online, as more and more data being stored on the Internet and attracts Netbanking a growing number of people, the demand for Internet security experts is growing” , Gaurav said, adding that in Western countries, domestic companies are willing to pay a salary very much for the experts in this field.

After recent incidents of Internet data theft from companies and other agencies, both government agencies and private companies are extremely conscious about their online safety, Gaurav added.

“Always have an eye for suspicious activity on your online existence. Most of the time hackers create a duplicate website and as soon as you provide your log in address on it, your site is hacked,” said Gaurav. Tarun Bansal, another IIT Kanpur student, warned Internet users against Internet security loopholes.

Organized under the aegis of a web portal, allmycourses.com, the workshop witnessed focused and holistic discussions on various forms of hacking.

“Always exit from your account after each use. If you close your window without success to disconnection, the browser stores your login information, which can be used by hackers to tamper with your account,” say Tarun students.

“One of the most important things to remember is always to delete the browser history when using a public computer, because the cookie, which makes up automatically when you visit the site, hackers could be the way to get the login information. However, there is no need for private computers, “Tarun added yet.

Tagged

Emails Hacked in Europe

Jun13
2011 Written by blogadmin

Taiwanese PC maker Acer investigation into the computer attack that stole customer data from its unit Packard Bell in Europe, according to a statement from the company.

Acer said that the security violation is limited to customer names, addresses, phone numbers, email and serial numbers of the system. No credit card information was stolen, he said. Acer did not provide any other information about the attack and said the investigation was ongoing.

News of the breach was reported earlier this month, after a hacker group Pakistan Cyber Army claimed to have stolen the personal data of about 40,000 people from an Acer server in Europe. Acer did not comment on the attack at the time.

The Hacker News had published screen shots of the personal data and some of the source code that was stolen in the security breach. It also said that the Pakistan Cyber Army would issue a press release detailing more about their motives. But so far, no new information has surfaced from the hacking group.

The hacking group may be the same who had defaced the website of India’s Central Bureau of Investigation in December. Hackers calling themselves the “Pakistan Army Cyber” and left a message stating that the violation was of such revenge attacks on Indian sites in Pakistan.

Posted in Hacking News - Tagged , ,

Nintendo Another Victim of Hacking

Jun06
2011 Written by blogadmin

Nintendo was targeted in a recent online data attack, but no personal or company information was lost, the Japanese maker of the Wii game console said on Sunday.

The server of an affiliate of Nintendo’s US unit was accessed unlawfully a few weeks ago, but there was no damage, company spokesman Ken Toyoda said.

“There were no third-party victims,” Toyoda said, declining to elaborate. “But it is a fact there was some kind of possible hacking attack.”

The damage from what could be part of a recent spate of such data breaches targeting big-name brands was more serious at rival Sony.

Sony has said massive personal information, including email addresses, names and birth dates, and involving more than 100 million users, is suspected of having been stolen after security was compromised in April for its network service for the PlayStation 3 game machine, for other online services and, in the past week, from Sony Pictures’ website.

It is still unclear who is behind the attacks at Sony or Nintendo, based in Kyoto.

Hackers calling themselves Lulz Security – a reference to Internetspeak for “laugh out loud” – claim to have compromised more than 1 million Sony users’ personal information, posting many of the details to the Internet.

Lulz Security also claimed credit for the Nintendo attack, posting what they said was a Nintendo server configuration file to the Web. The group added that they pulled the hack off just for fun.

“We’re not targeting Nintendo,” the group said in a message posted to Twitter over the weekend. “We like the N64 (gaming console) too much – we sincerely hope Nintendo plugs the gap.”

Tokyo-based Sony has said it is strengthening security measures. It has contacted the FBI and other authorities for an investigation into the cyber attacks. – Sapa-AP

Posted in Hacking News - Tagged ,

GMA-7′s Website Hacked

May30
2011 Written by blogadmin

His website of one of the leading television networks in the Philippines has been hacked by a username “D4RKB1T”.

GMA-7’s website – gmanews.tv, its Facebook and Twitter accounts have been simultaneously hacked on Sunday Morning.
Users are redirected to google.com whenever they tried to enter the network’s website.

“GMA HACKED BY D4RKB1T,” was displayed on the network’s official Facebook fan-page.
The hacker however had managed to explain why he hacked the sites.

“This is not about stupidity, but a message to webdevs [website developers]. Learn to secure your sites, user accounts and passwords with personal information are being stored there. We have to be ready for such cyber terrorism,” the hacker’s statement posted at the GMA’s fan-page. “No ‘database’ was altered or removed.

The hacker continued, “We have to be vigilant on securing sites or else personal information will be leaked.”

“I did not intend to make damage, just make the devs listen! They never respond to my messages telling them about the security hole,” the hacker said.

The hacking lasted for more than 30 minutes.

The TV Network in a statement on its Twitter account said, “We have re-established control of GMA News Online. Our apologies for the profanities.”

The identity of the said hacker has yet to be determined.

Last year, the government had expressed alarm over the series of hacking incidents on some of its agencies’ websites.

Posted in Hacking News - Tagged

News of the World Phone Hacking Cases to be Heard

May23
2011 Written by blogadmin

Cases concerning phone-hacking against News of the World newspaper will finally start to be heard, although the newspaper are said to be keen to prevent as many cases as possible from going to trial.

The scandal began in 2006 when charges were brought against Clive Goodman, the News of the World’s royal editor, and Glenn Mulcaire, a private investigator, alleging that they had intercepted voicemail messages left for members of the royal household.

It is alleged that over 7000 people have had their phones hacked by News of the World, what is a mass breach of privacy.

The first cases to be heard will include those of actor Jude Law and football pundit Andy Gray High Court judge Mr Justice Vos ruled.

Mr Justice will hear several cases to enable him to decide damages that were properly payable across a selection of alleged situations. He also said it will make it possible to resolve other cases without further hearings.

Others cases to be heard include those of Interior designer Kelly Hoppen, agent Sky Andrew and Labour MP Chris Bryant. It was expected that actress Sienna Miller would have her case heard, but she accepted an out of court settlement of £100,000 from the paper.

News of the World have set aside £20 million to settle the claims, although it is widely thought that the owners of the paper will do all they can to prevent cases from going to court.

“They don’t want a court case, they don’t want a trial, they don’t want their dirty deeds to come out,” journalism professor and former newspaper editor Roy Greenslade said.

The situation doesn’t look good for the News of the World, with a host of other high profile cases set to be laid against the paper for breach of privacy.

With the string of super injunctions that have been granted lately to prevent the private lives of various celebrities being released the case concerning News of the World once again brings up the question of the boundaries of privacy.

It seems in the case of News of the World that, given their willingness to keep cases from court, they know they have breached the privacy of a number of people and are now doing all they can to save their reputation and financial situation.

Posted in Hacking News - Tagged ,

Sony Restarts Internet Services Weeks after Hacking Debacle

May16
2011 Written by blogadmin

Sony has begun to increase its Internet service back online after a week of hacking debacle, which saw millions of users ‘personal information’ stolen.

The company announced a series of pumping actions of the security because it allows customers to return to play any games online to download music.

Moves may be too late for some customers, however, anecdotal reports of dumping their PS3 for Xbox 360 and Xbox Live online community.

The Japanese consumer electronics giant has been humiliated by the technology meltdown, with senior executives literally bowing in apology to customers worldwide.

Sony shut down its PlayStation Network (PSN) and Qriocity music-based service on April 21, after a cyber attack on its San Diego data centre.

The intruders accessed the personal details of more than 77 million user accounts, escaping with details ranging from passwords to home addresses.

Sony has been unable to rule out if the thieves got away with credit cards details as well.

Among the suite of security enhancements announced today was an early-warning system designed to detect unusual activity signalling a cyber attack.

Existing users must change their PSN and Qirocity account passwords as part of the revamped security measures.

Sony deputy chief Kazuo Hirai again apologised to customers.

“I’d like to send my sincere regret for the inconvenience this incident has caused you and want to thank you all for the kind patience you’ve shown as we worked through the restoration process,” he said.

“We are taking aggressive action at all levels to address the concerns that were raised by this incident and are making consumer data protection a full-time, company wide commitment.”

Internet security company Symantec, spokesman Francis deSouza, said there had been a dramatic rise in cyber attacks over the past 18 months along with their sophistication and impact.

“Today’s cyber crime attacks are proving to be more covert, more targeted and better organized than those we’ve seen in years past,” he said.

Posted in Hacking News - Tagged ,
« Older Entries Newer Entries »
wordpress visitor
© 2011 USRlib.info