Skip to main content


Showing posts from January, 2016

How to Avoid Tracking by Your Internet Service Provider?

The final version of the proposed “three strikes” anti-piracy code for Australian internet service providers (ISPs) has been published recently. Under the Copyright Notice Scheme code (PDF), residential Internet users that are found pirating content will be subject to a series of "escalating" warning notices from rights holders, sent via ISPs. The notices will warn users that they are infringing copyright, and that they will face legal action if they get three strikes recorded against their IP address -- that is, if they receive an Education, Warning and Final notice -- within a 12 month period. If a user gets three warning letters, or "strikes", in a 12-month period, ISPs will help copyright owners identify them for potential legal action after a hearing in a prescribed court. Up to 200,000 notices can be processed and sent each year. An industry code has to be in place by January 1

Over the past few months, thousands of Canadians have received ‘PiracyNotices’ in t…

LastPass Password Manager Details Vulnerable to Hack

LastPass is one of the popular password managers, which stores user’s passwords in the cloud in an encrypted vault. This user’s database is protected by a single username/password pare and various forms of two-factor authentication. However, some security researcher has recently issued a tool able to steal the login details and two-factor authentication key for the manager, thus leaving users potentially exposed. The instrument in question enables hackers to mimic the look and feel of the LastPass browser plugin and website, imitating the way the password manager requests a user’s password and two-factor authentication key.

The security researcher presented the attack at the hacker convention ShmooCon in Washington, calling it LostPass. The attack works because ordinary users can’t tell the difference between a fake and a real message. The fake message shows up if a user visits a malicious website. Once the malware detects that the browser is using LastPass, it mimics a LastPass notifi…

In 2015 google gave $2 million in rewards to over 300 people, largest single payment of $37,500 made to an Android security researcher.

Google said researchers from all over the world, coming from countries like Great Britain, Poland, Germany, Romania, Israel, Brazil, the US, China, Russia and India, participated in its security rewards programme. “Tomasz Bojarski found 70 bugs on Google in 2015, and was our most prolific researcher of the year. He found a bug in our vulnerability submission form,” the blog posted by Eduardo Vela Nava from Google Security team, said.
 In 2015, the company gave $2 million in rewards to over 300 people. The programme which was started in 2010 has seen Google giving out over $6 million in rewards so far. It said it has paid more than $200,000 to researchers for their work under Google’s Android (mobile operating system) VRP programme launched in June. This includes the largest single payment of $37,500 made to an Android security researcher. “We also injected some new energy into these existing research programs and grants. In December, we announced that we’d be dedicating one million dol…

Google reveals what it paid man, who owned for 1 min

Google has paid Sanmay Ved, the man who owned for a minute, $ 6,006.13 (about Rs 4.07 lakh) and later doubled the amount when he donated his reward to charity. In September last year, the ex-Googler, while searching Google Domains, found that (domain name) was available for purchase. He bought the domain for $12 and gained access to its webmaster tools before Google cancelled the sale. “You may have read about Sanmay Ved, a researcher who was able to buy for one minute on Google Domains. Our initial financial reward to Sanmay – $6,006.13 – spelled-out Google, numerically (squint a little and you’ll see it!). We then doubled this amount when Sanmay donated his reward to charity,” Google said in a blog post.

Ved, in a post on LinkedIn, had said he chose his award to be donated to the Art of Living’s education programme which runs 404 free schools across 18 states in India, providing free education to more than 39,200 children living in slums, tribal and rur…

New Book - 'Hacked Again' - It can Happened to Anyone... Even a Cyber Security Expert

Snap-Happy Trojan Targets Linux Servers

ISIS offering Indian hackers $10,000 a jobs

ISIS is luring Indian hackers with top dollar to hack into government websites and steal sensitive data. Hackers are also being asked to identify and create a database of potential recruits from Twitter and Facebook. For each 'job', a hacker would be paid upwards of $10,000. This is by far the most lucrative offer from the hacking community in India, experts say "There are various underground communities online where hackers interact regularly. Our investigation reveals that for the past six months, lucrative offers for stealing government data came pouring in and hackers were offered a huge sum. Such amount has never been offered to any Indian hacker before. We found that the offers were being made to spread ISIS reach in the country," said Kislay Choudhary, a cyber crime expert who works with several security agencies. Stealing government data is part of ISIS' intelligence gathering exercise and helps in formulating their India strategy, Choudhary added. ISIS s…