Welcome

Website counter
website hit counter
website hit counters

Thursday, June 10, 2010

FW: [CCCNews] CCCNews Newsletter - dated 2010 June 09




Date: Fri, 4 Jun 2010 14:43:08 +0530
From: sysman01@mtnl.net.in
Subject: [CCCNews] CCCNews Newsletter - dated 2010 June 09
To: sysman01@mtnl.net.in

 NEWS LETTER
Centre for Research and Prevention of Computer Crimes, India
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)

June 09, 2010

Editor - Rakesh Goyal (rakesh@sysman.in)



In today's Edition -                                                                             (This is a news-letter and not a SPAM)
 *Direct Circulation - 95,000+

HACKED : Ecuador Government Web Site Attack
PRELOADED : Malware in Olympus Stylus Tough camera
VICTIM : Most businesses are cybercrime victims
5 RISKS : The top five social media risks for businesses
IT Term of the day
Quote of the day
 

* Direct Circulation in 4 Google groups (control-computer-crimes@googlegroups.com and IT-Sec-NSE@googlegroups.com) and 2 more groups
Approved Organizations can get a two months free fully functional E-Secure-IT subscription, providing focused IT-Security and Industry Business Risk Intelligence Alerts at: http://2mthsfree.e-secure-it.com/
 

 P Please don't print this newsletter unless you really need to. Save Tree. 
SAY NO TO PLASTIC WATER BOTTLES. 



--
You received this message because you are subscribed to the Google Groups "control-computer-crimes" group.
To post to this group, send email to control-computer-crimes@googlegroups.com.
To unsubscribe from this group, send email to control-computer-crimes+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/control-computer-crimes?hl=en.


--Forwarded Message Attachment--

CCCNews-Newsletter-2010-06-09

IT and Related Security News Update from

Centre for Research and Prevention of Computer Crimes, India

(www.cccnews.in)

Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)

June 09, 2010


Today�s edition ��

 

HACKED : Ecuador Government Web Site Attack

PRELOADED : Malware in Olympus Stylus Tough camera

VICTIM : Most businesses are cybercrime victims

5 RISKS : The top five social media risks for businesses

IT Term of the day

Quote of the day

 

(Click on heading above to jump to related item. Click on �Top� to be back here)

 

Top


HACKED : Ecuador Government Web Site Attack

Jorge Mieres blog

ESET Latin America

http://www.eset.com/blog/2010/06/08/ecuador-government-web-site-attack?

http://blogs.eset-la.com/laboratorio/2010/06/08/sitio-gobierno-ecuatoriano-comprometido-ataque/

 

Criminal activity that exploits web sites is commonplace these days; nevertheless, when the affected Web site belongs to a governmental organization, the event takes on more relevance and impact, and reinforces the need to maintain strong and positive controls in order to keep data safe.

 

A while ago we posted an alert pertaining to a phishing attack that deposited fraudulent files on a site relating to a governmental organization in Colombia. Of course we advised the people in charge of the site of the need to take action against the threat.

 

In this instance, a similar situation has arisen in a governmental site in Ecuador. Taking advantage of a vulnerability on the server where the Web site is hosted, the attackers succeeded in accessing the system remotely.

 

The attackers belong to a group called the Hacker-Newbie Crew that dedicates itself to gaining unauthorized access by exploiting vulnerabilities in the server, and specialize in web defacement.

 

These malicious files are uploaded through a backdoor usually written in PHP, which gives them the means to obtain total control of the Web site and in this way they can upload any kind of file to the server.

 

ESET NOD32 detects this malware as PHP/IRCBot.NAA, PHP/IRCBot.NAD and Perl/Shellbot.B. Nevertheless, it is important to emphasize the importance of protecting file servers, whether they're based on Windows platforms or GNU/Linux, using proactive security solutions of security like ESET Gateway Security.

 

In addition, it's important to keep monitoring servers and networks so as to detect this� type of activity as early as possible, since, as in many similar and high-profile cases, the compromised Web site can be used as a staging post from which to mount other other attacks on other sites.

 

Top


PRELOADED : Malware in Olympus Stylus Tough camera

08.06.2010

http://www.net-security.org/malware_news.php?id=1370

 

Samsung is not the only company that has been lately caught shipping malware-infected consumer electronics - Olympus Japan has admitted that a little over 1700 units of the Stylus Tough 6010 digital compact camera that was available for sale in Japan contain a virus on the memory card shipped with it.

 

According to Sophos, the camera itself is not at risk - it is your PC that you have to worry about, since the card also contains an autorun worm that would allow the virus to take residence on the computer when you plug the device into it.

 

For the people who might have bought one of the "infected" cameras, Olympus has provided a widget on their official site where customers can insert the serial number of the camera in order to check if their device is affected:

 

Unfortunately, for those who don't know Japanese the site is pretty much useless - unless they have someone who can translate the results for them.

 

Top


VICTIM : Most businesses are cybercrime victims

By AAP

June 8th, 2010

http://www.zdnet.com.au/most-businesses-are-cybercrime-victims-339303704.htm?feed=rss

 

A majority of small and medium-sized businesses have been victims of cybercrime, a survey has shown.

 

About 56 per cent of Australian small and medium businesses surveyed had been affected by cybercrime, up from 46 per cent in 2008, according to internet security firm Symantec.

 

The survey found the top concern, by 52 per cent of respondents, was malicious software created by cybercriminals.

 

"Cybercrime is a warranted concern for Australian small and medium businesses," Symantec managing director for the Pacific region Craig Scroggie said in a statement.

 

"In 2009, Symantec identified more than 240 million distinct new malicious programs globally, a 100 per cent increase over 2008."

 

The latest survey found that 22 per cent of all emails received by the 510 surveyed firms were spam, and that 23 per cent of respondents had been affected by a phishing scam.

 

Assuming each employee receives 20 spam emails each business day and works 225 days a year, respondents are collectively having to find time to delete nearly 250,000 spam emails a year," Symantec said.

 

Symantec said small and medium-size businesses could protect their information by educating their staff about cybercrime, developing security policies and deploying a comprehensive security solution across their business.

 

Top


5 RISKS : The top five social media risks for businesses

By Sharon Gaudin

08 June 2010

http://www.infoworld.com/d/security-central/the-top-five-social-media-risks-businesses-525

 

As businesses increasingly try to figure out how to use social networking tools in the enterprise, an IT governance group has released a ranking of the top five risks social media poses to companies.

 

The study, which lists the biggest risks businesses need to prepare for when they are using social media, was released on Monday by ISACA, a 43-year-old international organization previously known as the Information Systems Audit and Control Association that researches IT governance and control.

 

John Pironti, an ISACA Certification Committee member, noted that many business executives have considered some of the risks, but few have considered all of them.

 

"I think that the blinders have been on at a lot of enterprises," Pironti told Computerworld . "They're trying to figure out what to do about this. I think companies are as scared as they generally are with any new technology, like Wi-Fi and jump drives.

 

They're taking a different attitude this time. They're not just turning it off but they're acknowledging that they just can't stop the use of it. They understand that it's going to be used so how do they do it safely?" he said.

 

The top risks, which are laid out in an ISACA research paper, are viruses and malware, brand hijacking, and lack of control over corporate content. Rounding out the top five are unrealistic expectations of customer service at "Internet-speed" and non-compliance with record-management regulations.

 

Pironti said ISACA isn't warning companies not to use Web 2.0 tools or to not fully embrace social networking. However, he said they need to go into it with their eyes wide open to the benefits as well as the risks.

 

And he added that most of the risks stem from users not understanding how their own behavior could possibly impact the company. Pironti noted that it comes down to a need for organizations to educate users about how posting something could breach company security, hurt the company's image, or even open the company up to being hit by malware.

 

"With social media, there are so many platforms and environments to learn," said Pironti. "What are the implications of what could happen? People don't think of the damage that could occur to an organization."

 

"They see it as a way to explore relationship with work people. We take some of the social out of their lives by asking people to work longer hours. They're looking for a balance -- to still have a relationship with friends and peers," Pironti said.

 

And since workers, either on their own or with a corporate blessing, will use social networking sites such as Facebook and Twitter, Pironti said they need to understand the line between social and business. They also need to have set corporate guidelines about what information can be shared what needs to stay inside corporate walls.

 

However, Pironti said company execs also need to be aware themselves that workers are using social networking sites and tools so they need to have a hand in it to better protect themselves. Executives can't be aware of what is being said about a company unless someone is paying attention.

 

Top


New IT Term of the day


disintermediation


Removing the middleman. The term is a popular buzzword used to describe many Internet-based businesses that use the World Wide Web to sell products directly to customers rather than going through traditional retail channels. By eliminating the middlemen, companies can sell their products cheaper and faster. Many people believe that the Internet will revolutionize the way products are bought and sold, and disintermediation is the driving force behind this revolution.

 

Top


Quote of the day


Tolerance means to bounce back even when thrown against a very hard wall. The ability to do this comes from sensing that life is a game and that all things move in cycles. What is uncomfortable now will soon change. Tolerance is like saying yes to the game and enjoying it.

 

Rig Ved

 

Top

 

Note -

  1. As a member of this group, you get useful information to protect yourself and your IT assets and processes from various Computer and Related Crimes.
  2. If you think that your other friends/colleagues/acquaintances/relatives/foes/enemies also needs this information, forward the mail to them and request them to send their e-mail addresses and names to us with subject as "Subscribe".
  3. If you or someone has become victim of Computer Crimes or has any query on prevention, you are welcome to write to us.
  4. If you are not interested in it and would like to unsubscribe - send a reply mail with subject as "Unsubscribe".
  5. Disclaimer - We have taken due care to research and present these news-items to you. Though we've spent a great deal of time researching these matters, some details may be wrong. If you use any of these items, you are using at your risk and cost. You are required to verify and validate before any usage. Most of these need expert help / assistance to use / implement. For any error or loss or liability due to what-so-ever reason, CRPCC and/or Sysman Computers (P) Ltd. and/or any associated person / entity will not be responsible.

 



The dark side of terrorists revealed in MSN Internal Security Get it now.

No comments:

मैं नास्तिक क्यों हूं# Necessity of Atheism#!Genetics Bharat Teertha

হে মোর চিত্ত, Prey for Humanity!

मनुस्मृति नस्ली राजकाज राजनीति में OBC Trump Card और जयभीम कामरेड

Gorkhaland again?আত্মঘাতী বাঙালি আবার বিভাজন বিপর্যয়ের মুখোমুখি!

हिंदुत्व की राजनीति का मुकाबला हिंदुत्व की राजनीति से नहीं किया जा सकता।

In conversation with Palash Biswas

Palash Biswas On Unique Identity No1.mpg

Save the Universities!

RSS might replace Gandhi with Ambedkar on currency notes!

जैसे जर्मनी में सिर्फ हिटलर को बोलने की आजादी थी,आज सिर्फ मंकी बातों की आजादी है।

#BEEFGATEঅন্ধকার বৃত্তান্তঃ হত্যার রাজনীতি

अलविदा पत्रकारिता,अब कोई प्रतिक्रिया नहीं! पलाश विश्वास

ভালোবাসার মুখ,প্রতিবাদের মুখ মন্দাক্রান্তার পাশে আছি,যে মেয়েটি আজও লিখতে পারছেঃ আমাক ধর্ষণ করবে?

Palash Biswas on BAMCEF UNIFICATION!

THE HIMALAYAN TALK: PALASH BISWAS ON NEPALI SENTIMENT, GORKHALAND, KUMAON AND GARHWAL ETC.and BAMCEF UNIFICATION! Published on Mar 19, 2013 The Himalayan Voice Cambridge, Massachusetts United States of America

BAMCEF UNIFICATION CONFERENCE 7

Published on 10 Mar 2013 ALL INDIA BAMCEF UNIFICATION CONFERENCE HELD AT Dr.B. R. AMBEDKAR BHAVAN,DADAR,MUMBAI ON 2ND AND 3RD MARCH 2013. Mr.PALASH BISWAS (JOURNALIST -KOLKATA) DELIVERING HER SPEECH. http://www.youtube.com/watch?v=oLL-n6MrcoM http://youtu.be/oLL-n6MrcoM

Imminent Massive earthquake in the Himalayas

Palash Biswas on Citizenship Amendment Act

Mr. PALASH BISWAS DELIVERING SPEECH AT BAMCEF PROGRAM AT NAGPUR ON 17 & 18 SEPTEMBER 2003 Sub:- CITIZENSHIP AMENDMENT ACT 2003 http://youtu.be/zGDfsLzxTXo

Tweet Please

Related Posts Plugin for WordPress, Blogger...

THE HIMALAYAN TALK: PALASH BISWAS BLASTS INDIANS THAT CLAIM BUDDHA WAS BORN IN INDIA

THE HIMALAYAN TALK: INDIAN GOVERNMENT FOOD SECURITY PROGRAM RISKIER

http://youtu.be/NrcmNEjaN8c The government of India has announced food security program ahead of elections in 2014. We discussed the issue with Palash Biswas in Kolkata today. http://youtu.be/NrcmNEjaN8c Ahead of Elections, India's Cabinet Approves Food Security Program ______________________________________________________ By JIM YARDLEY http://india.blogs.nytimes.com/2013/07/04/indias-cabinet-passes-food-security-law/

THE HIMALAYAN TALK: PALASH BISWAS TALKS AGAINST CASTEIST HEGEMONY IN SOUTH ASIA

THE HIMALAYAN VOICE: PALASH BISWAS DISCUSSES RAM MANDIR

Published on 10 Apr 2013 Palash Biswas spoke to us from Kolkota and shared his views on Visho Hindu Parashid's programme from tomorrow ( April 11, 2013) to build Ram Mandir in disputed Ayodhya. http://www.youtube.com/watch?v=77cZuBunAGk

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk

THE HIMALAYAN DISASTER: TRANSNATIONAL DISASTER MANAGEMENT MECHANISM A MUST

We talked with Palash Biswas, an editor for Indian Express in Kolkata today also. He urged that there must a transnational disaster management mechanism to avert such scale disaster in the Himalayas. http://youtu.be/7IzWUpRECJM

THE HIMALAYAN TALK: PALASH BISWAS CRITICAL OF BAMCEF LEADERSHIP

[Palash Biswas, one of the BAMCEF leaders and editors for Indian Express spoke to us from Kolkata today and criticized BAMCEF leadership in New Delhi, which according to him, is messing up with Nepalese indigenous peoples also. He also flayed MP Jay Narayan Prasad Nishad, who recently offered a Puja in his New Delhi home for Narendra Modi's victory in 2014.]

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALSH BISWAS FLAYS SOUTH ASIAN GOVERNM

Palash Biswas, lashed out those 1% people in the government in New Delhi for failure of delivery and creating hosts of problems everywhere in South Asia. http://youtu.be/lD2_V7CB2Is

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk