Welcome

Website counter
website hit counter
website hit counters

Thursday, December 23, 2010

FW: [CCCNews] CCCNews Newsletter - dated 2010 December 20




Date: Mon, 20 Dec 2010 20:10:46 +0530
From: sysman01@mtnl.net.in
Subject: [CCCNews] CCCNews Newsletter - dated 2010 December 20
To: sysman01@mtnl.net.in

 NEWS LETTER
Centre for Research and Prevention of Computer Crimes, India
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)

December 20, 2010

Editor - Rakesh Goyal (rakesh@sysman.in)



In today's Edition -                                                                             (This is a news-letter and not a SPAM)
*Direct Circulation - 99,500+

CONTROL : Trai moves to curb mobile phone theft
MITIGATION : New Google service identifies hacked sites
BEWARE : New Malware Kit Available on the Underground Market
TRUST? : Sr. Executives at Dell, AMD sold inside information
IT Term of the day
Quote of the day
 

* Direct Circulation in 4 Google groups (control-computer-crimes@googlegroups.com and IT-Sec-NSE@googlegroups.com) and 2 more groups
Approved Organizations can get a two months free fully functional E-Secure-IT subscription, providing focused IT-Security and Industry Business Risk Intelligence Alerts at: http://2mthsfree.e-secure-it.com/
 

 P Please don't print this newsletter unless you really need to. Save Tree. 
SAY NO TO PLASTIC WATER BOTTLES. 



--
You received this message because you are subscribed to the Google Groups "control-computer-crimes" group.
To post to this group, send email to control-computer-crimes@googlegroups.com.
To unsubscribe from this group, send email to control-computer-crimes+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/control-computer-crimes?hl=en.


--Forwarded Message Attachment--

Message body

IT and Related Security News Update from

Centre for Research and Prevention of Computer Crimes, India

(www.cccnews.in)

Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)

December 20, 2010


Today�s edition � 

 

CONTROL : Trai moves to curb mobile phone theft

MITIGATION : New Google service identifies hacked sites

BEWARE : New Malware Kit Available on the Underground Market

TRUST? : Sr. Executives at Dell, AMD sold inside information

IT Term of the day

Quote of the day

 

(Click on heading above to jump to related item. Click on �Top� to be back here)

 

Top


CONTROL : Trai moves to curb mobile phone theft

Deccan Chronicle

Dec 20 2010

http://www.deccanchronicle.com/node/207313/print

http://www.deccanchronicle.com/business/trai-moves-curb-mobile-phone-theft-313

 

New Delhi, Dec. 19: Mobile phone thefts could soon become unprofitable for thieves if telecom regulator TRAI has its way. The regulator had proposed blocking the international mobile equipment identity (IMEI) number of stolen handsets. Telecom operators have also signalled that this is technically feasible.

 

Once this measure is accepted, stolen mobile phones will be automatically blocked and will be of no use. This could bring down incidence of mobile phone thefts, which run into lakhs.

 

The mobile operators have suggested the creation of a central data base of IMEI numbers of stolen phones, which could be shared by the service providers. IMEI is a unique 15-digit code that comes with every mobile handset and helps in identification. If this number gets blocked, stolen mobile phones will not be of any use. They have also proposed to bring a legislation to prevent cloning of IMEI numbers so that the stolen phones are not reprogrammed with duplicate IMEI numbers of existing subscribers without the knowledge of the service providers.

 

�The blocking of IMEI is an effective solution to discourage mobile theft. This is important considering the fact that the mobile industry is adding a monthly subscriber base of approximately 18-19 million and there has to be a mechanism to curb mobile theft thereby reducing the security risk,� said Bharti Airtel.

 

The company has said that blocking of the IMEI should be chargeable as there will be additional cost involved to upgrade the network to support the new requirement.

 

In its consultation paper Trai had said that presently, there is no mechanism in place to block a lost mobile phone. �The theft of mobile phones is a serious problem world over.

 

In India with the increased penetration of mobile services, (theft) is becoming an issue especially in urban areas where market place, malls, cinema halls, buses, trains and metro stations have become some of the hunting grounds for mobile phone lifters,� Trai said, and added that while there are mechanisms to prevent the misuse of the stolen mobile connection, service providers don�t take any action either for blocking the handsets or for tracking its usage.

 

In 2004 also Trai had issued a consultation paper in this regard. However, at that time, many service providers had no capability to track or block IMEI.

 

But the situation has changed since 2008 when the telecom department asked telcos to disconnect mobile phones which do not have IMEI numbers as they could be misused by terrorists or criminals. Thereafter telecom service providers put Equipment Identity Register (EIR) in their systems so that calls from mobile handsets without IMEI are rejected.

 

Top


MITIGATION : New Google service identifies hacked sites

Dan Kaplan

December 17, 2010

http://www.scmagazineus.com/new-google-service-identifies-hacked-sites/article/193028/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCMagazineNews+%28SC+Magazine+News%29

Google has launched a new service that notifies web surfers in search results if a website they may visit has been hacked.

 

The capability � which displays the warning: "This site may be compromised" � is distinct from Google's already existing malware detection system that inserts an alert � "This site may harm your computer" � beside a search result if a site may be serving malware.

 

According to Google, the new service seeks to identify those sites in which a hacker has compromised the site to change the content of pages or add new links and pages. The motive of the intruders, Google said, may be to phish visitors of their private information or embed spam links that can be used to improve the search results of a hacker-owned site, a tactic known as black hat search engine optimization (SEO).

 

Maxim Weinstein, executive director of StopBadware, a nonprofit anti-malware organization, which vets Google data to ensure the malware detection system is accurate, warned that even though the new feature does not necessarily call out sites that could harm a user's computer, they eventually may.

 

"I get the sense that [it is identifying] the same basic mechanism of how someone may insert malware into a site," Weinstein told SCMagazineUS.com on Friday. "The underlying security problem that could lead to one could very likely lead to the other."

 

He added that this service helps both web surfers and site owners.

 

"[Google is] saying, 'Look, we have the capability of figuring this out,'" Weinstein told SCMagazineUS.com on Friday. "'Instead of say just lowering the site in the search rankings a bit, we're actually going to flag it in a more aggressive, public way.'"

Google encourages users who see the alert to notify webmasters and ask them to correct the compromise.

 

In years past, Google has announced separate services specifically designed to help webmasters keep their sites secure.

 

Top


BEWARE : New Malware Kit Available on the Underground Market

Researchers discover new crimeware toolkit

December 19th, 2010

By Lucian Constantin

http://news.softpedia.com/news/New-Malware-Distribution-Crimeware-Kit-Surfaces-on-the-Underground-Market-173591.shtml

 

Security researchers from Symantec have spotted a new crimeware toolkit being sold on the underground market, which generates a trojan that is exclusively used to distribute malware.

 

Crimeware toolkits are programs that can be used to create customized versions of trojans along with their command and control (C&C) software.

 

ZeuS or SpyEye are some of the most well known examples of crimeware toolkits, but compared to this new one, which is called "Dream Loader," they are significantly more complex.

 

"The pack, version 0.3, is relatively new and seems to be originating from Russia; it was first found in November and is designed to be modular and load plugins," notes Symantec security researcher Andrea Lelli.

 

The pricing model is a bit different from that of other toolkits. Cyber criminals can buy a customized version of the trojan and associated Web interface for $550, but not the builder itself.

 

This allows the Dream Loader authors to charge an additional $30 for any subsequent modification required by customers. However, the trojan builder seems to have leaked it and can now be downloaded for free.

 

It can be used to configure two C&C domain, the gateway page which infected computers access and a password used to encrypt the communication.

 

The C&C software allows the botnet herders to see statistics about their bots, the countries where they are located and the commands sent to them.

 

The backdoor, which Symantec detects as Trojan.Karagany, can't do much except download and run executables or update itself, which suggests that it is being used in pay-per-install schemes.

 

In such operations, malware and scareware authors pay botnet runners to deploy their creations on as many computers as possible.

 

"The bot uses some known tricks in order to bypass security products and conceal its presence on the infected machine, although the end result is still a pretty basic executable which is easily detectable and removable," Lelli concludes.

 

Top


TRUST? : Sr. Executives at Dell, AMD sold inside information

By Robert McMillan

IDG News Service

December 16, 2010

http://www.computerworld.com/s/article/9201427/FBI_Executives_at_Dell_AMD_sold_inside_information

 

Four executives at publicly traded technology companies have been arrested on charges they sold inside information about their employers, sometimes for hundreds of thousands of dollars.

 

The executives allegedly pocketed hefty consulting fees for selling data to Primary Global, a Mountain View, California, market research company. Primary Global recruits experts from a number of industries, including the technology sector, to provide information about trends that it then sells to money managers. But according to the U.S. Department of Justice, one of the firm's salesmen -- James Fleishman -- crossed the line and sold insider information to hedge funds.

 

"The information trafficked by the four 'consultants' went way beyond permissible market research," the U.S. Federal Bureau of Investigation said Thursday.

 

Primary Global declined to comment, except to confirm that the four insiders had worked for it as consultants, and to say that Fleishman, who has been with the company since June 2006, has now been placed on leave.

 

A former Dell global supply manager named Daniel Devore pleaded guilty to fraud charges on Dec. 10, the FBI said. He made US$145,750 from Primary Global between 2007 and 2010.

 

Devore is no longer employed by Dell, said Dell spokesman David Frink. "Dell is committed to the highest standards of ethics and integrity and we'll cooperate fully with law enforcement authorities," he said.

 

Devore also provided inside information concerning Dell suppliers including Western Digital and Seagate, according to court filings.

 

Fleishman was arrested Thursday on wire fraud and conspiracy charges.

 

Also arrested Thursday were Mark Longoria, formerly a supply chain manager with Advanced Micro Devices (AMD); Walter Shimoon, a senior director of business development with Flextronics International; and Manosha Karunatilaka, an account manager with Taiwan Semiconductor Manufacturing Company (TSMC), the DOJ said.

 

All three are facing wire and securities fraud charges.

 

AMD's Longoria made more than $200,000 during a two-year period, prosecutors say.

 

"It appears that AMD is the victim of an insider trading scheme," AMD said Thursday. Longoria resigned from the company on Oct. 22, 2010, and AMD has been cooperating with the investigation, the company said.

 

Shimoon, who worked for Apple partner Flextronics, allegedly "provided highly confidential sales forecast information and new product features for Apple's forthcoming 'iPhone' cellular telephone," the FBI said. He earned $22,000 in consulting fees.

 

Karunatilaka allegedly provided TSMC sales and shipping information.

 

Top


New IT Term of the day


daemon


Pronounced DEE-mun or DAY-mun. A process that runs in the background and performs a specified operation at predefined times or in response to certain events. The term daemon is a UNIX term, though many other operating systems provide support for daemons, though they're sometimes called other names. Windows, for example, refers to daemons as System Agents and services.

 

Typical daemon processes include print spoolers, e-mail handlers, and other programs that perform administrative tasks for the operating system. The term comes from Greek mythology, where daemons were guardian spirits.

 

Top


Quote of the day


Information has never been so free. Even in authoritarian countries information networks are helping people discover new facts and making governments more accountable.

 

Hillary Clinton

US Secretary of State

January 21, 2010

(Is the statement still valid post-Wikileaks?)

 

Top

 

Note -

  1. As a member of this group, you get useful information to protect yourself and your IT assets and processes from various Computer and Related Crimes.
  2. If you think that your other friends/colleagues/acquaintances/relatives/foes/enemies also needs this information, forward the mail to them and request them to send their e-mail addresses and names to us with subject as "Subscribe".
  3. If you or someone has become victim of Computer Crimes or has any query on prevention, you are welcome to write to us.
  4. If you are not interested in it and would like to unsubscribe - send a reply mail with subject as "Unsubscribe".
  5. Disclaimer - We have taken due care to research and present these news-items to you. Though we've spent a great deal of time researching these matters, some details may be wrong. If you use any of these items, you are using at your risk and cost. You are required to verify and validate before any usage. Most of these need expert help / assistance to use / implement. For any error or loss or liability due to what-so-ever reason, CRPCC and/or Sysman Computers (P) Ltd. and/or any associated person / entity will not be responsible.

 

 

No comments:

मैं नास्तिक क्यों हूं# Necessity of Atheism#!Genetics Bharat Teertha

হে মোর চিত্ত, Prey for Humanity!

मनुस्मृति नस्ली राजकाज राजनीति में OBC Trump Card और जयभीम कामरेड

Gorkhaland again?আত্মঘাতী বাঙালি আবার বিভাজন বিপর্যয়ের মুখোমুখি!

हिंदुत्व की राजनीति का मुकाबला हिंदुत्व की राजनीति से नहीं किया जा सकता।

In conversation with Palash Biswas

Palash Biswas On Unique Identity No1.mpg

Save the Universities!

RSS might replace Gandhi with Ambedkar on currency notes!

जैसे जर्मनी में सिर्फ हिटलर को बोलने की आजादी थी,आज सिर्फ मंकी बातों की आजादी है।

#BEEFGATEঅন্ধকার বৃত্তান্তঃ হত্যার রাজনীতি

अलविदा पत्रकारिता,अब कोई प्रतिक्रिया नहीं! पलाश विश्वास

ভালোবাসার মুখ,প্রতিবাদের মুখ মন্দাক্রান্তার পাশে আছি,যে মেয়েটি আজও লিখতে পারছেঃ আমাক ধর্ষণ করবে?

Palash Biswas on BAMCEF UNIFICATION!

THE HIMALAYAN TALK: PALASH BISWAS ON NEPALI SENTIMENT, GORKHALAND, KUMAON AND GARHWAL ETC.and BAMCEF UNIFICATION! Published on Mar 19, 2013 The Himalayan Voice Cambridge, Massachusetts United States of America

BAMCEF UNIFICATION CONFERENCE 7

Published on 10 Mar 2013 ALL INDIA BAMCEF UNIFICATION CONFERENCE HELD AT Dr.B. R. AMBEDKAR BHAVAN,DADAR,MUMBAI ON 2ND AND 3RD MARCH 2013. Mr.PALASH BISWAS (JOURNALIST -KOLKATA) DELIVERING HER SPEECH. http://www.youtube.com/watch?v=oLL-n6MrcoM http://youtu.be/oLL-n6MrcoM

Imminent Massive earthquake in the Himalayas

Palash Biswas on Citizenship Amendment Act

Mr. PALASH BISWAS DELIVERING SPEECH AT BAMCEF PROGRAM AT NAGPUR ON 17 & 18 SEPTEMBER 2003 Sub:- CITIZENSHIP AMENDMENT ACT 2003 http://youtu.be/zGDfsLzxTXo

Tweet Please

Related Posts Plugin for WordPress, Blogger...

THE HIMALAYAN TALK: PALASH BISWAS BLASTS INDIANS THAT CLAIM BUDDHA WAS BORN IN INDIA

THE HIMALAYAN TALK: INDIAN GOVERNMENT FOOD SECURITY PROGRAM RISKIER

http://youtu.be/NrcmNEjaN8c The government of India has announced food security program ahead of elections in 2014. We discussed the issue with Palash Biswas in Kolkata today. http://youtu.be/NrcmNEjaN8c Ahead of Elections, India's Cabinet Approves Food Security Program ______________________________________________________ By JIM YARDLEY http://india.blogs.nytimes.com/2013/07/04/indias-cabinet-passes-food-security-law/

THE HIMALAYAN TALK: PALASH BISWAS TALKS AGAINST CASTEIST HEGEMONY IN SOUTH ASIA

THE HIMALAYAN VOICE: PALASH BISWAS DISCUSSES RAM MANDIR

Published on 10 Apr 2013 Palash Biswas spoke to us from Kolkota and shared his views on Visho Hindu Parashid's programme from tomorrow ( April 11, 2013) to build Ram Mandir in disputed Ayodhya. http://www.youtube.com/watch?v=77cZuBunAGk

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk

THE HIMALAYAN DISASTER: TRANSNATIONAL DISASTER MANAGEMENT MECHANISM A MUST

We talked with Palash Biswas, an editor for Indian Express in Kolkata today also. He urged that there must a transnational disaster management mechanism to avert such scale disaster in the Himalayas. http://youtu.be/7IzWUpRECJM

THE HIMALAYAN TALK: PALASH BISWAS CRITICAL OF BAMCEF LEADERSHIP

[Palash Biswas, one of the BAMCEF leaders and editors for Indian Express spoke to us from Kolkata today and criticized BAMCEF leadership in New Delhi, which according to him, is messing up with Nepalese indigenous peoples also. He also flayed MP Jay Narayan Prasad Nishad, who recently offered a Puja in his New Delhi home for Narendra Modi's victory in 2014.]

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALSH BISWAS FLAYS SOUTH ASIAN GOVERNM

Palash Biswas, lashed out those 1% people in the government in New Delhi for failure of delivery and creating hosts of problems everywhere in South Asia. http://youtu.be/lD2_V7CB2Is

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk