COMEXPO CYBER SECURITY

A man who used to hack train ticket booking website IRCTC to generate fake tickets was arrested from Dakshan Darwaza area in eastern Uttar Pradesh's Basti town on Thursday by a joint team of the Central Bureau of Investigation and railway's vigilance department, police said. Hamid was arrested by a team of officials from CBI's Bengaluru branch and the Central Railway, which camped in Basti for three days, following an information that he had created a software to sell tickets by hacking the IRCTC website, police officer Rohit Mishra said.  Hamid had tied up with a number of people engaged in the fake ticket racket all over the country and used to book railway tickets using the software, Mishra said, adding that 10 laptops, 16 ATM cards, two PAN cards and Rs 50 lakh in cash were recovered from him. He was taken on transit remand by the CBI and the Central Railway vigilance team for further questioning, the police officer added. A senior official said the online sa...

WhatsApp could have accidentally entered into troubled waters here in India by enabling its end-to-end encryption for all. The new security feature by WhatsApp is not what is required by the Indian telecom rules and WhatsApp could face a ban, if the rules are not adhered to. But not yet. In India, companies need to follow the country’s rules and adhere to specific types of encryption, which WhatsApp does not currently use. WhatsApp’s end-to-end encryption on its chat service means that WhatsApp or anyone else won’t be able to crack open its contents.  Only the sender and the recipient are able to read the encrypted data. WhatsApp uses a 256-bit key for encryption of all chat messages, which is only known to the sender and the recipient. Why is it not possible for WhatsApp to help decrypt users’ messages? "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us," WhatsApp founders Jan Koum and Brian Acton wrote on ...

The stolen usernames, as well as passwords of up to 18 million internet users, have been identified on a server that is owned by a Japanese Company and it is said that it have provided this information to the Chinese hackers. Even the Japanese Newspaper, The Yomiuri Shimbun  reported  that the Metropolitan Police Department of Tokyo have been arrested the company president as well as various employees at the Tokyo-based Nicchu Shinsei Corp. in November. And the authorities of that Japanese Company determined the company’s server that it has more than the 18 million login credentials in which at least 1.78 million users that belong to Yahoo Japan(90%), Twitter, Facebook as well as of an e-commerce company Rakuten and many other sites.  Yahoo Japan have reset the passwords for all the affected users accounts. And it is also said that the Japanese Company provided illegally those stolen credentials as well as the proxy services to the Chinese hackers. Then hac...

A group of Cyber Attackers of  Pakistan were making target to the Indian Military Force for stealing their personnel data through a data-theft campaign in which not only social engineering but also malicious malware involved.  When the researchers of Trend Micro observes the attacks, then they found the information about this operation which is known as  “C-Major". Even researchers added that they discovered about the operation of those attackers that the hackers want to steal at least 160 military officer's information, their consultants, attaches and also information about the Indian re-sellers in which not only including their personal photographs, confidential documents, information about their financial records, strategies, passports and also photo IDs. The security firms said that the attackers initiated their attacks through fake emails that will be sent to the targeted user individually. And this would be possible because the attackers use the ...

The US government has unsealed an indictment against Iranian hackers, who were charged with hacking the US banks along with a small dam between 2011 and 2013. The US authorities believe that the hackers are working on behalf of the Iranian government. The development of events marked a shift in the relations between Iran and the United States after the countries negotiated a nuclear treaty. Media reports did link the hack to the Islamic Republic, but the indictment against the Iranians has been sitting on Justice Department shelves for more than a year before being partly released. It turned out that specific Iranians were accused of engaging in cyber attacks against critical infrastructure of the United States. The men, linked to Iranian tech firms, were accused of blocking access to 46 American financial institution websites, including PNC, Bank of America, NYSE and Capital One. The DDoS attacks were carried out by bombarding the bank sites with useless traffic from dron...

This post is about a simple vulnerability found on Facebook which could have been used to hack into other user's Facebook account easily without any user interaction. This gave Anand Prakash full access of another users account by setting a new password. He was able to view messages, his credit/debit cards stored under payment section, personal photos etc. Facebook acknowledged the issue promptly, fixed it and rewarded $15,000 USD considering the severity and impact of the vulnerability. Description: Whenever a user Forgets his password on Facebook, he has an option to reset the password by entering his phone number/ email address on https://www.facebook.com/login/identify?ctx=recover&lwv=110 ,Facebook will then send a 6 digit code on his phone number/email address which user has to enter in order to set a new password. He tried to brute the 6 digit code on www.facebook.com and was blocked after 10-12 invalid attempts. Then He looked out for the same issue on beta....

Once again the heat was felt by the Los Angeles-based Presbyterian Medical Center when a group of hackers had sealed all its sensitive files and demanded $17,000 USD to regain the access to those compromised data. The devastation of the compromised files can be pitched as: Compromised emails Lockout Electronic Medical Record System [EMR] Encrypted patient data Unable to carry CT Scans of the admitted patients Ferried risky patients to nearby hospitals ...and much more unexplained outcomes. Hospital End up Paying $17,000 As the situation was grown out of wild, the hospital paid 40 Bitcoins (Roughly US $17,000) to the Ransomware Criminals to resume their medical operations after gaining the decryption keys. "The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key," the hospital CEO Allen Stefanek said in a  letter . All the electronic medica...

Recently anonymous hackers have breach South African Government’s website database as part of #OpAfrica campaign. Now the hackivists involved in the #OpAfrica and #OpMonsanto campaigns and have breached South Africa’s Department of Water Affairs (DWA). Hackers have breached the site’s database, stolen all its data and dumped it online. The dumped data on online contains names, emails, ID numbers of over 5,800 government employees and collaborators. It’s not over, even phone numbers, date of birth, addresses, departments where they work, job titles, and hashed passwords  has been dumped online. Hackers got access to the site’s administration panel, and got all the user details.

Qihoo 360 buys Opera in $1.2 Billion Opera Software intends to accept a $1.2 billion acquisition offer from a group of Chinese companies. The Chinese consortium includes Internet security company Qihoo 360, Internet firm Beijing Kunlun (which invested roughly   $93 million   into Grindr earlier in the year) and investment group Golden Brick and Yonglian. According to Opera, the $1.2 billion is a 56 percent premium over Opera's share price during the last 30 trading days. Despite   claiming   350 million users, the company's browser has struggled in the oversaturated Western market. China could be a profitable arena for Opera, in part because Google's Chrome browser   does not come preinstalled on Android phones in China like it does elsewhere. In addition, doing business in China without local partners is nigh impossible, but Opera could leverage the networks of Kunlun and Qihoo 360 if the deal goes through. Snapdeal Buys Freecharge in $400Millio...

The White House is seeking to hire its first ever Chief Information Security Officer – this position is a must-have at many companies and local governments, but for some reason not at the federal level – even despite complaints from security experts and lawmakers. In the absence of such position, the US government has sometimes had problems with various agencies as it has sought to respond to the latest breach. The government explained that the Chief Information Security Officer will focus on coordinating cyber security across federal agencies and will be housed within the Office of Management and Budget at the White House. It is also known that the position is expected to fill in 2 to 3 months. Apparently, the US government finally decided to place a greater priority on cyber security, even though the solution to this problem is simply putting someone person in charge of fixing it. Actually, the government already has offices in charge of preventing hackers from breaching...

Suspected Pakistan-based groups have hacked the official website of the Indian Revenue Service (IRS) belonging to the income tax (I-T) department. Officials said the website—irsofficersonline.gov.in—was hacked early on Saturday,6 February 2016 and it has been rendered inaccessible since then. They said messages were posted on the link such as “Pakistan Zindabad” and “we are team Pak cyber attacker”. The website, which acts as an official communicator for official work between the Central Board of Direct Taxes and the I-T department’s field offices in the country, has put up a message saying, “We’ll be back soon! Sorry for the inconvenience but we’re performing some maintenance at the moment.” The technical team handling the website has sent a report in this regard to the Computer Emergency Response Team of India, which is the nodal agency to combat hacking, phishing and to fortify defences of the Indian Internet domain.

Gujarat High Court’s official website www.gujarathighcourt.nic.in has been hacked on 6 February 2016, Pakistan cyber hackers have attacked the Recruitment option of High Court site The site is hacked by PCA FAISAL 1337 Hacked by Faisal 1337 We are Team Pak Cyber Attackers,  High court recruitment website into the message being put option Kashmir Indian troops are killing innocent civilians. Pakistani hackers put the above message to the Indian government and people of India.  Do you know what your so called hero's (soldiers) are doing in Kashmir? Do you know they are killing many innocent poeople in Kashmir? Nothing deleted, or stolen. Just here to deliver my message to the government and the people of India. :) Where is the security? Greets to all Pakistani Hackers. Pakistan Zindabad