Shellshock: 'Deadly serious' new vulnerability found!!!

 

 A "deadly serious" bug potentially affecting hundreds of millions of computers, servers and devices has been discovered.

The flaw has been found in a software component known as Bash, which is a part of many Linux systems as well as Apple's Mac operating system.
The bug, dubbed Shellshock, can be used to remotely take control of almost any system using Bash, researchers said.
Some experts said it was more serious than Heartbleed, discovered in April.
"Whereas something like Heartbleed was all about sniffing what was going on, this was about giving you direct access to the system," Prof Alan Woodward, a security researcher from the University of Surrey, told the BBC.
"The door's wide open."
Some 500,000 machines worldwide were thought to have been vulnerable to Heartbleed. But early estimates, which experts said were conservative, suggest that Shellshock could hit at least 500 million machines.
The problem is particularly serious given that many web servers are run using the Apache system, software which includes the Bash component.
Patch immediately Bash - which stands for Bourne-Again SHell - is a command prompt on many Unix computers. Unix is an operating system on which many others are built, such as Linux and Mac OS.
The US Computer Emergency Readiness Team (US-Cert) issued a warning about the bug, urging system administrators to apply patches.
However, other security researchers warned that the patches were "incomplete" and would not fully secure systems.
Of particular concern to security experts is the simplicity of carrying out attacks that make use of the bug.

‘WHAT LIES BENEATH IS TRUTH’!

                              In this modern era, we people make extremely use of gadgets for sharing of data like of images, songs or any document file but still we are unaware about some facts. You ever thought that you can insert a file in an image? The answer is ‘YES’. You can. From past few years in the world of crime there is a huge extended discussion on ‘STEGANOGRAPHY’ especially when terrorists started making use of steganography in their attacks.
            It is nothing but a sending of a secret message in encrypted form in images, audio, file, etc. This technique is tremendously used by terrorists so that the transfer of their secret data remains unsuspected. It is mainly used to hide send of confidential data during transmission and other won’t able to get access to the hidden file.
            We all know the story about ‘WORLD TRADE CENTRE’ (WTC), where al-Queda hijacked a plane and crashed it over WTC. In that case, al-Queda made use of steganography technique by sending ‘hiding maps and photographs of terrorist and instructions for terrorist activities in pornographic form’. If there's one thing the FBI hates more than Osama bin Laden, it's when Osama bin Laden starts using the Internet.
            For example, if two parties wants to exchange a confidential information and they want that no one should get an idea about this but even if the third party get access to their information, they may see a file or image but not able to collect the hidden data due to copyright protection. The Steganography can be used for  different purposes, some good or some bad. But its not to easy for an average person to detect a steganography file. The technology may be easy to use but difficult to detect. Really, difficult.

                                                                                                                                                Himanshu Chichghare 

“ FACEBOOK POSTINGS..a supplicate”

                    People, there is no such a thing without a touch of invention and passion, which are interwoven in the art and science of technology. Time has changed and technology has also changed, but the niche of protection and security is increasingly turning people towards the exercise of destruction and ruining of our lives. All around this globe there is a neurosis of the word ‘exploiting’ of our personal stuff within fraction of seconds. Yes people! Self space and pictures can lead to the rapid multiplication of pornography by some known/unknown strangers. I am talking about the way networking junkies are pasting our personal pictures and are creating the much needed difference to us. Girls, it’s all for you to get aware how your single picture can be distributed and then significantly coddled just for the sake of entertainment and fun. These network junkies are said to be the leading hunters to create all your nude replicas and stuffs on porn websites. Even this is not enough; they also circulate this amongst your friends and frenemies by creating your fake-id profiles on facebook.  Damn it guys! But, this is the reality which is hard to digest. Every minute, every hour, every second and every week, 10 out of 8 girls have been facing this shameless exploitation. Offcourse, people can’t be stopped for this unhealthy attitude, but it is we who can freeze this by putting a full-stop for these personal postings. This is not all about reading and shutting your PCs, it’s about creating a protective shell just for yourselves.

§      Deeper considerations on  sexual harassments:-

                 Technical aspects such as the presence of metadata can automatically embed your personal pictures, status and posts and can invite vulnerabilities to various threats. Personal grudges, one sided-love, timely infatuation, breakups, conflicts, threatening, insults and still much proximities can urge to the unpredictable consequences. It is just a work of nano seconds and all your personal stuff is spread evenly by your foes, friends or can also be someone from your family. As a result of all these embarrassments, girls end up either by committing suicides and losing their relations. Also hiding the things of being a victim of all these activities and waiting for the things to get clear is still not an appropriate solution to end the problem.  Rather, there are many cyber forensic experts who are there for your help  and will provide you with a quick fix.

§      No privacy maintained:-

Pasting, sharing and then copying the photos have created sexually exploiting stories in the CBIs. Even though, facebook has a setting for your privacy related terms, but all these are short term attempts to secure your accounts, yet they can create awkward postings. The 2012 Boston report brings into the considerations on how our personal photos were exploited and pasted on the pornography websites. Even after maintaining the terms and services by the facebook group, there is still a greater chance of getting sexual exploitation.

§      Personal disputes and grudges are main highlights:-

Even parents posting the pictures of their kids or children don’t realize the disadvantages of getting equally engaged  in all sorts of criminal activities on the web. In 2012, the "New York Daily News" reported that a Washington, D.C., conducted a survey about the facebook pictures on teens and they got to know that there were major personal reasons or disputes or personal grudges who are behind all these harmful activities on web. So, it is basically for the parents not to post their kids or any other pictures of their families. It’s really becoming quiet dangerous to become prone to all such activities.

§      Family pictures can be the reason of quarrels:-

There is definitely a point of maintaining own privacies in terms of pictures. But there are times when parents share the childhood pictures of their kids and this can create troubles and confusions in their own family backgrounds. Afterall, privacy from personal pictures is offcourse everyone’s cup of tea.

                            Even though facebook is the medium of connecting to the world, but it is stated that 66 % of the parents are only the reason for spreading the pictures of their kids for connecting with their world. But, mom and dad please consider the greater risk involved in these activities.  Instead of letting things happen intentionally or unintentionally, make yourself comfortable and think that there is always an option to open the door that can have our own right and own understanding.

www.cfts.co.in

Scam Alert! Facebook Online Lottery Email

 If our readers can recall, we had put together a list of some common Facebook online scams that people fall prey to. Adding to this list is another scam that is doing the rounds on the Internet. We call it the ‘Facebook Online Lottery Scam.’ Here’s a brief about what this scam is all about.

 

A couple of days ago, I received an unsolicited email informing me about an online lottery that I just won. The email stated that, I was one of the eight lucky winners to have won a sum of $1,000,000 in cash. According to the sender, Nine hundred thousand email addresses on Facebook were chosen for the lucky draw.

So, how do I claim this unbelievable-out-of-nowhere prize? It was easy. I simply had to reply to this sender (facebook.shares2014@lottery.com) with the following personal details:

• Full name
• Address
• Telephone number

I was also advised to keep this information confidential, otherwise, I would have risked getting unqualified for the prize.

The Real Story

While it always feels awesomely great to win a lottery or a prize, the above email is purely an online scam. It is just one of the sadistic tricks of cybercriminals to lure users with the ‘money carrot’ and trick them into furnishing their personal information including name, address, phone number, etc.

If I had replied to this email with the information they had asked for, then this is what would have happened.

The scammer would have replied asking me for a certain fee required for transferring the money into my account and probably my bank account details too. And If I had gone a step further, then I would have ended up losing my money to something that did not even exist in the first place; I would have been scammed!

We advise our readers never to respond to such unexpected or unsolicited emails, especially those associated with money. Be extra cautious against such emails that contain attachments or links. Clicking these would either take you to a phishing website or drop a nasty malware on your system.

खबरदार! वायरस कर सकता है अश्लील पोस्ट!

अनचाहे अश्लील पोस्ट से लोग परेशान

अखिल गुप्ता ने जैसे ही अपना फेसबुक अकाउंट खोला तो वो हैरान हो गए। कारण उनके वाल पर अनेक अश्लील पोस्ट थी। इनमें से कई उनके अकाउंट से डाली गई थी। तो कई दोस्तों के एफबी अकाउंट से टैग कर डाली गई थी।

जबकि उन्होंने एक भी अश्लील पोस्ट अपने अकाउंट से नहीं की थी।

यह केवल एक मामला नहीं है, हजारों फेसबुक यूजर्स के अकाउंट पर नूडिटी की बाढ़ आ गई है। सोशल साइट्स फेसबुक और आर्कुट यूजर्स के अकाउंट पर पिछले कुछ समय से अश्लील पोस्ट की जा रही है। जबकि यूजर्स इन पोस्ट को अपने वाल पर नहीं डाल रहे हैं।

Beware! Fraudster posing as priest tries to cheat in the name of 'donation'

Mangalore, Apr 24: In today's world, people become so cynical that even genuine acts of charity are sometimes taken with a pinch of salt. Here, however is a true life incident which proves that no matter how much one tries to stop such feelings of suspicion, there are enough people out there to destroy one's faith and there are also equal number of people who get trapped by conmen.

This is an account of one such "Faceless Crime" that took place just last week, where the "victims" were a kind and generous priest working as a missionary in West Bengal and his naive sister-in-law who is a housewife in Mangalore. The criminal instituted this crime with no personal exposure, no written documents, no signatures, no fingerprints but through his cell phone, savings bank account in the State Bank of India and the use of ATM cards.

Fr John (name changed), a simple, dedicated, hardworking and unassuming priest hailing from Mangalore, is a parish priest in a remote area in the Diocese of Kolkata. A true missionary, he has worked hard for decades to uplift and educate the poor people of that area, mostly tribals and he is well known for his charitable work there.

This story begins on April 14, when at about 11 am, he received a telephone call. The caller identified himself as one "Fr Edwin Joseph", a "Salesian Priest" from Mumbai now based in New Jersey, USA. After exchanging pleasantries, the caller told Fr John that he had visited his parish sometime back and being very impressed with the charitable work being done there, he had spoken about him to the people in USA who were his parishioners. He then said that these people had donated some amount for the use of this missionary work which he wanted to pass on to Fr John, and since he was running short of time, and was right now in the bank, he wanted Fr John to give him his SBI or HSBC bank ATM card number so that he could transfer the amount to his account for use in the Church. But Fr John told him that he did not have an account in either SBI or HSBC bank, so the caller told him to urgently check if anyone else known to him has accounts in either of these banks.

Fr John in his simplicity believed in the generosity of this so-called priest and started calling up some of his acquaintances but none of them seemed to be having an account in SBI or HSBC banks. By now, this "Fr Edwin" starts pressuring Fr John to hurry up as he was anxious to hand over the money collected from parishioners before he leaves India and enquired if he can provide any of his relatives’ account number.

Fr John then remembered his large clan in Mangalore, called up one of his brothers and learnt that his sister in law Mariet (name changed) has an account in the State Bank of India, Mangalore and gave the information to "Fr Edwin". Elated at getting this information, "Fr Edwin" asked for Mariet’s phone number so that he could directly contact her and take the details from her. He told Fr John that the amount would be transferred to her account in two days.

We Launch e-business solution for client...

As a e-business solution for client we provided Web/Windows Application Development, Mobile Application Development, Application Maintenance, Search Engine Optimization (SEO), Digital Marketing etc., We also understand that product development is an entirely different ball game than application development. That is why our product development teams stay with our customers longer, are ready to take on market changes, end-user reactions, and technological advancements in their stride.

Follows On,

http://cfts.co.in/software

Cloud Forensic Technologies offer number of Cyber forensics, Information Security and Ethical Hacking
courses which are custom designed as per your requirement. These courses prepare you in the
disciplines of Digital Forensics Investigations, incident response, memory forensics, network forensics
& mobile device forensics.
As computer and mobile software and operating systems rapidly change, digital forensics experts and
other law enforcement personnel must keep pace by constantly updating their tools and training.
Courses Offer:
1) Ethical Hacking and IT Security.
2) Cyber Forensic Expert
3) Workshop/Seminars for Collage & Corporate
The Certified Forensics Investigator is a revolution in the field of Forensics training. The entire
workshop/Training is driven by hands-on exercises and case studies to ensure that all aspects have a
real-life scenario-based approach. Training executed completely by practitioners and led by our
Cyber Security, Cyber Forensic and information security experts.
WHO SHOULD ATTEND THIS COURSE: -
• Police officials & Law enforcement officials
• Investigation Officers
• Auditors and financial fraud examiners
• Chief Security Officers and Chief Technology Officers
• Compliance Officers
• Lawyers, Law students
• Student

OUR SERVICES

“An organisation’s strongest potential is to calibrate all the units and companions together into a single rope so that, development begins at an increasing pace”. Our organisation is a competent assemblage according with competence in fields such as Cyber Forensic, Mobile Forensic, Computer Forensic, Cyber Law, Cyber Forensic Education, Mobile Forensic Education, High End Data Recovery, Data Recovery, Mac Forensic, Mac Data Recovery, Information Security, Network Forensic, Network Safety, Vulnerability Testing, Penetrating Testing, Cyber Mobile lab Setup, Cyber Forensic Analysis, Forensic Auditing, Legal Interception, Biometric Solutions & Storage Consultancy, to provide state of the art services. 

In Cyber Forensic Investigation, we provide the following type of Services :

• Hard Disk Data Cloning
• Hard Disk Data Analysis                  
• Mobile Data Analysis 
• Password Recovery 
• Forensic Investigation Training 
• Information Security Auditing 
• Vulnerability Assesment
• Forensic Fraud Investigation
• Linux Forensic
• MAC Forensic
• Live Server Cloning
• Legal Consulting

CLOUD FORENSICS TECHNOLOGIES provides Computer Forensic Services to various Government Law & Enforcement Agencies. These organizations are in need of data which are of help to them in getting some evidences in some cases. Our cyber forensic experts support these organizations with the data that is needed by them so that these can be put as admissible evidence. Our computer Forensic Services covers all areas of Computer fraud, computer misuse etc. We assist these organizations in finding the vital facts related to these cases.