Group items tagged

As Ankit Fadia, 28, works on his laptop, his fingers furiously tapping away, there is silence in the packed auditorium in central Delhi.  His projector throws images of codes and symbols onto a white wall, and then suddenly, the crowd bursts into spontaneous applause. Another website has been successfully hacked and unlocked. But rather than doing something illegal, Mr Fadia, who describes himself as an ethical hacker, says he is trying to protect people and businesses from a rising wave of cyber crime. "The difficulty about tackling cyber crime is that it's increasing all the time," says Mr Fadia. "If we control one set of attacks there are hundreds more the next minute. That's why we need our systems, policing, the law, prepared for this kind of cyber onslaught." Spam manager Continue reading the main story " Start Quote Though India has laws aimed at tackling cyber crime, it isn't used effectively" Ankit Fadia Ethical hacker According to a recent report by global research and accounting firm Ernst and Young, data or information theft was the most committed fraud in India last year. That data can be anything from personal details, to bank accounts, to company contacts and secrets. Ernst and Young warns that it could cost companies as much as 5% of their profits if they are targeted by cyber criminals. At the same time, there has been an increase in nuisance internet issues such as spamming, with India recently overtaking the US to become the top global contributor of junk messages. The BBC's Shilpa Kannan reports on what companies are doing to protect themselves from cyber attacks And while this jams an inbox and is a headache for the consumer, for the government there are also more serious issues, such as national security and trying to avoid a potential cyber attack by a terrorist group. According to the Minister of State for Communications and IT, Sachin Pilot, more than 100 Indian government websites were hacked in the first three months of

A group of hackers who call themselves the Lords of  Dharmaraja, (and is associated with Anonymous) have published the source code of Symantec, a digital security firm know for the Norton antivirus program and pcAnywhere, raising concerns that others could exploit the security holes and try to control the users computer.   The release of the source code came after the 'extortion' attempt failed as Symantec did not comply with their numerous deadlines.   Negotiations through email messages between a representative of the hacker group, YamaTough, and someone from Symantec were also released online. The exchange of messages are about Symantec's offer to pay USD 50,000 for the hackers to stop disclosing the source code and announce to the public that the whole Symantec hack was a fake, which made them a subject of mockery for appearing to buy protection.   Both sides admitted that their participation was just a trick.   The hackers denied any extortion aim, saying that they never intended to take the money and were going to publish the source code whatever happens; they simply want to humiliate them so they played along. While Symantec said that they are not actually the one in communication with the hacker, but a law enforcement agent.   The long negotiation worked to the favor of Symantec as they have been able to come up with patches to their Norton and pcAnywhere programs. Symantec has advised their users to stop using the softwares in the meantime until they have issued more patches for them.   Symantec released a statement saying that they have always been prepared for the leak of the source code so they've made and distributed hotfixes on January to secure their users.   The drawn-out negotiation is an obvious sign of a law enforcer on the other line. Delaying tactics is one of their assets to obtain insight into the enemy. More importantly, it will create more transactions where paper trail will be left along the way - utilizing persons wh

Oracle has fallen dangerously behind the times with the security policies and practices it utilises on its Java platform, according to one of Kaspersky Lab's top researchers. Roel Schouwenberg, a senior antivirus researcher with the Kaspersky Lab global research and analysis team told V3 that Oracle has not kept pace with the security advances made by other companies in recent years. "You can see that Microsoft has gone to sandboxing for Office, Adobe has gone that way, Google has gone that way with Chrome," Schouwenberg noted. "When you look at what Oracle has done, the sad reality is nothing. And I have to ask why we are letting Oracle get away with this?" According to figures from Kaspersky, Java remains a top target for malware writers and cyber criminals. Along with Adobe Reader and Flash, Java vulnerabilities are the most popular for online exploits which lead to malware infections. Adobe has extended the security protections on Reader and Flash. Oracle however has only recently installed basic security measures, says Schouwenberg. "Two years ago I would have been slamming Adobe for its security," the researcher said. "Adobe still makes its mistakes, but with Oracle we don't see anything that they are doing to change something." Oracle did not respond to a request for comment on the matter. While the Java maker was singled out for its practices, Oracle is far from the only vendor Schouwenberg sees ignoring security issues. He noted that Google's loose oversight of its Play market has left Android devices vulnerable to malware, while Apple continues to ignore major security risks on the OS X platform in the wake of the Flashback malware outbreak. Throughout the entire market, Schouwenberg sees the need for better security response time and policies should vendors wish to protect users from malware. "Any program that can be directly accessed from a web browser should be checking for updates every other day, reasonably, and definitely not less than once a week,"