COMEXPO CYBER SECURITY

Want to stay in-the-know when it comes to all matters regarding your safety and security online? Then be sure to check our selection of the  Top 15 Cyber Security Influencers . It’s not easy to stay up-to-date with all the security news in today’s rapidly changing tech world, but with all the on-going threats that arise , it is extremely important to stay current! With that being said, we’ve gone ahead and done the research for you, and put together a list of the 15 top cyber security influencers. Follow them for the latest industry news and to always stay safe and secure online! The Top Cyber Security Influencers: 1. Kim Zetter –  @ KimZetter Kim Zetter is a Senior staff writer at Wired and author of “Countdown to Zero Day”- a book that reveals the story behind  Stuxnet, a virus that sabotaged Iran’s nuclear efforts. Kim has written over 100 articles for Wired and has also appeared as a guest on NPR and CNN. If you’re a Mr. Robot fan, be su...

When Edward Snowden met with reporters in a Hong Kong hotel room to spill the NSA’s secrets, he famously asked them put their phones in the fridge to block any radio signals that might be used to silently activate the devices’ microphones or cameras. So it’s fitting that three years later, he’s returned to that smartphone radio surveillance problem. Now Snowden’s attempting to build a solution that’s far more compact than a hotel mini-bar. On Thursday at the MIT Media Lab, Snowden and well-known hardware hacker Andrew “Bunnie” Huang plan to present designs for a case-like device that wires into your iPhone’s guts to monitor the electrical signals sent to its internal antennas. The aim of that add-on, Huang and Snowden say, is to offer a constant check on whether your phone’s radios are transmitting. They say it’s an infinitely more trustworthy method of knowing your phone’s radios are off than “airplane mode,” which people have shown can be hacked and spoofed. Snowden and Huang ...

People all over have been trying to enjoy the new  Pokémon Go  app, which released this week to so much fanfare that it’s experiencing massive  server overload . The hype was so real that people were passing around APK files so that people outside the countries where it’s available could side-load it on Android, something We saw in my own friend groups. Security firm Proofpoint is now cautioning those who couldn’t wait for an official app store release, saying that one specific APK was modified to install a backdoor called DroidJack. The app is different form the official version, but is close enough to fool anyone who may have picked it up. The firm discovered the infected Android version of the app less than 72 hours after the game was released in New Zealand and Australia on July 4. Proofpoint highlights some ways to tell if this particular version has been installed. For example, in the list of permissions (which you can access by going to your Settings, t...

Gujarat Secondary Education Board (GSEB) official website  www.gseb.org  is hacked by anonymous hacker with nick name "M4573R 5N1P3R" and changed the home page of the website. GSEB 12th Results of 2016 are likely to be declared on the 17th May 2016 and website is hacked on 13 may in the evening. Authorities are worried about this bad incidence happened to the gseb.org website. GSEB is the official website of Gujarat Secondary and Higher Secondary education board. It is responsible to manage the various examination, recruitment and results in Gujarat state. Most of the news related to education in Gujarat are published on the same portal. It is also displaying the various madhyamik schools update on the website. All the GSEB Examination Results are displayed on the single platform called gseb.org. Website is hacked by anonymous hacker with nick name "M4573R 5N1P3R" who is member of pak cyber experts group . This group already hacked more th...

IRCTC is India's largest e-commerce website, lakhs of transactions are conducted every day. Customers provide details like PAN card, DoB, etc while filling up online reservation forms. A senior railway official said, "Somebody can create forged documents on the basis of the stolen data." Personal data of around 1 crore customers is feared to have been stolen from the server of the e-ticketing portal Indian Railway Catering and Tourism Corporation (IRCTC), thus raising fears of safety and security. An IRCTC source said, "The data is a valuable asset and can be sold to corporations who may use it for targeting potential consumers." IRCTC officials say the Maharashtra government has been alerted. Indian Railway Catering and Tourism Corporation (IRCTC) has denied reports claiming that the e-ticketing portal of Indian Railways has been hacked. "We deny all reports claiming that IRCTC website was  hacked . It is running perfectly fine," IRCTC PRO ...

A man who used to hack train ticket booking website IRCTC to generate fake tickets was arrested from Dakshan Darwaza area in eastern Uttar Pradesh's Basti town on Thursday by a joint team of the Central Bureau of Investigation and railway's vigilance department, police said. Hamid was arrested by a team of officials from CBI's Bengaluru branch and the Central Railway, which camped in Basti for three days, following an information that he had created a software to sell tickets by hacking the IRCTC website, police officer Rohit Mishra said.  Hamid had tied up with a number of people engaged in the fake ticket racket all over the country and used to book railway tickets using the software, Mishra said, adding that 10 laptops, 16 ATM cards, two PAN cards and Rs 50 lakh in cash were recovered from him. He was taken on transit remand by the CBI and the Central Railway vigilance team for further questioning, the police officer added. A senior official said the online sa...

WhatsApp could have accidentally entered into troubled waters here in India by enabling its end-to-end encryption for all. The new security feature by WhatsApp is not what is required by the Indian telecom rules and WhatsApp could face a ban, if the rules are not adhered to. But not yet. In India, companies need to follow the country’s rules and adhere to specific types of encryption, which WhatsApp does not currently use. WhatsApp’s end-to-end encryption on its chat service means that WhatsApp or anyone else won’t be able to crack open its contents.  Only the sender and the recipient are able to read the encrypted data. WhatsApp uses a 256-bit key for encryption of all chat messages, which is only known to the sender and the recipient. Why is it not possible for WhatsApp to help decrypt users’ messages? "No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us," WhatsApp founders Jan Koum and Brian Acton wrote on ...

The stolen usernames, as well as passwords of up to 18 million internet users, have been identified on a server that is owned by a Japanese Company and it is said that it have provided this information to the Chinese hackers. Even the Japanese Newspaper, The Yomiuri Shimbun  reported  that the Metropolitan Police Department of Tokyo have been arrested the company president as well as various employees at the Tokyo-based Nicchu Shinsei Corp. in November. And the authorities of that Japanese Company determined the company’s server that it has more than the 18 million login credentials in which at least 1.78 million users that belong to Yahoo Japan(90%), Twitter, Facebook as well as of an e-commerce company Rakuten and many other sites.  Yahoo Japan have reset the passwords for all the affected users accounts. And it is also said that the Japanese Company provided illegally those stolen credentials as well as the proxy services to the Chinese hackers. Then hac...

A group of Cyber Attackers of  Pakistan were making target to the Indian Military Force for stealing their personnel data through a data-theft campaign in which not only social engineering but also malicious malware involved.  When the researchers of Trend Micro observes the attacks, then they found the information about this operation which is known as  “C-Major". Even researchers added that they discovered about the operation of those attackers that the hackers want to steal at least 160 military officer's information, their consultants, attaches and also information about the Indian re-sellers in which not only including their personal photographs, confidential documents, information about their financial records, strategies, passports and also photo IDs. The security firms said that the attackers initiated their attacks through fake emails that will be sent to the targeted user individually. And this would be possible because the attackers use the ...

The US government has unsealed an indictment against Iranian hackers, who were charged with hacking the US banks along with a small dam between 2011 and 2013. The US authorities believe that the hackers are working on behalf of the Iranian government. The development of events marked a shift in the relations between Iran and the United States after the countries negotiated a nuclear treaty. Media reports did link the hack to the Islamic Republic, but the indictment against the Iranians has been sitting on Justice Department shelves for more than a year before being partly released. It turned out that specific Iranians were accused of engaging in cyber attacks against critical infrastructure of the United States. The men, linked to Iranian tech firms, were accused of blocking access to 46 American financial institution websites, including PNC, Bank of America, NYSE and Capital One. The DDoS attacks were carried out by bombarding the bank sites with useless traffic from dron...

This post is about a simple vulnerability found on Facebook which could have been used to hack into other user's Facebook account easily without any user interaction. This gave Anand Prakash full access of another users account by setting a new password. He was able to view messages, his credit/debit cards stored under payment section, personal photos etc. Facebook acknowledged the issue promptly, fixed it and rewarded $15,000 USD considering the severity and impact of the vulnerability. Description: Whenever a user Forgets his password on Facebook, he has an option to reset the password by entering his phone number/ email address on https://www.facebook.com/login/identify?ctx=recover&lwv=110 ,Facebook will then send a 6 digit code on his phone number/email address which user has to enter in order to set a new password. He tried to brute the 6 digit code on www.facebook.com and was blocked after 10-12 invalid attempts. Then He looked out for the same issue on beta....

Once again the heat was felt by the Los Angeles-based Presbyterian Medical Center when a group of hackers had sealed all its sensitive files and demanded $17,000 USD to regain the access to those compromised data. The devastation of the compromised files can be pitched as: Compromised emails Lockout Electronic Medical Record System [EMR] Encrypted patient data Unable to carry CT Scans of the admitted patients Ferried risky patients to nearby hospitals ...and much more unexplained outcomes. Hospital End up Paying $17,000 As the situation was grown out of wild, the hospital paid 40 Bitcoins (Roughly US $17,000) to the Ransomware Criminals to resume their medical operations after gaining the decryption keys. "The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key," the hospital CEO Allen Stefanek said in a  letter . All the electronic medica...

Recently anonymous hackers have breach South African Government’s website database as part of #OpAfrica campaign. Now the hackivists involved in the #OpAfrica and #OpMonsanto campaigns and have breached South Africa’s Department of Water Affairs (DWA). Hackers have breached the site’s database, stolen all its data and dumped it online. The dumped data on online contains names, emails, ID numbers of over 5,800 government employees and collaborators. It’s not over, even phone numbers, date of birth, addresses, departments where they work, job titles, and hashed passwords  has been dumped online. Hackers got access to the site’s administration panel, and got all the user details.