Sony Servers Now Hit By Phishing Scam

Sony’s cyber security woes are continuing. Security player F-Secure has discovered the presence of a phishing site on certain Sony websites in Thailand and Italy.

This latest attack is separate to the hacking attack that forced the PlayStation Network’s closure in recent weeks.

F-Secure discovered the phishing site running on Sony’s official Thailand website that redirected users to a phishing site that purported to be an Italian credit card company.

“Basically, this means that Sony has been hacked, again. Although in this case the server is probably not very important. Sony has been notified. The malicious URL is blocked for our customers,” F-Secure said.

F-Secure specialises in analysing and defending against virus, phishing, spyware and spam attacks.

The PlayStation Network was taken offline in recent weeks following a devastating cyber attack on Sony's servers that saw hackers access information on more than 77m users. The Sony Online Network (SOE) was also hit in an attack and a further 25m users' details were accessed, including 24,000 credit and debit card details.

On Saturday, Sony confirmed its PlayStation Network was gradually coming back online, starting in the US. It said users needed to update the firmware and change their passwords.

Source:- http://www.siliconrepublic.com/strategy/item/21893-sony-servers-now-hit-by/

Read More

DMCA Policy of World Cyber News

www.worldcybernews.com is in compliance with 17 U.S.C. § 512 and the Digital Millennium Copyright Act ("DMCA"). It is our policy to respond to any infringement notices and take appropriate actions under the Digital Millennium Copyright Act ("DMCA") and other applicable intellectual property laws.

If your copyrighted material has been posted on www.thehackernews.com or if hyperlinks to your copyrighted material are returned through our search engine and you want this material removed, you must provide a written communication that details the information listed in the following section. Please be aware that you will be liable for damages (including costs and attorneys' fees) if you misrepresent information listed on our site that is infringing on your copyrights. We suggest that you first contact an attorney for legal assistance on this matter.

The following elements must be included in your copyright infringement claim:

• Provide evidence of the authorized person to act on behalf of the owner of an exclusive right that is allegedly infringed.
• Provide sufficient contact information so that we may contact you. You must also include a valid email address.
• You must identify in sufficient detail the copyrighted work claimed to have been infringed and including at least one search term under which the material appears in www.thehackernews.com search results.
• A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
• A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
• Must be signed by the authorized person to act on behalf of the owner of an exclusive right that is allegedly being infringed.

Send the infringement notice via email to worldcybernews[at]yahoo.com

Read More

Submit Your News on World Cyber News

We The World Cyber News Cordially invites your Article For Our News Website. Please support us ,All Hacker Friends and People from Cyber World to make this Website for most Authenticated place for News. please email (thecybernews@gmail.com) us yourself, your websites, your aim, your skills and your achievements. Tthe articles sent by you will be published in our official news site : http://www.worldcybernews.com/


News Article Format
1.) Title
2.) Description
3.) Article + Suitable Images + Links
4.) Source Link (If any)
5.) Submitted By ( Name + Pic + website link + Codename )


Email Us you article in the form of a MS word file as attachment to : thecybernews@gmail.com

Regards
World Cyber News.

Read More

Businesses Most at Risk for Internet Hacking

Career criminal Willie Sutton is credited with saying that he robbed banks, “because that’s where the money is,” and while Sutton later claimed to have never uttered that infamous line, he did say in his autobiography that criminals “go where the money is … and go there often.”

Nick Rowe | Photodisc | Getty Images

Unfortunately for many businesses, today’s Internet criminals seem to be going where the money is and they are, indeed, going there often—as the recent hacking of Sony’s [SNE 27.07 -0.15 (-0.55%) ] PlayStation Network has proven. Cyber crime experts say that virtually all businesses online are targets.

“Money attracts criminals,” says Melih Abdulhayoglu, CEO of Comodo, the maker of antivirus and firewall solutions for business. “The financial industry continues to suffer a lot from cyber crime attacks.”

Abdulhayoglu says that high-profile companies that rely on Internet for revenue are seeing an increase in attacks. One of the reasons this is happening is that there has been a shift from the lone hacker or specialized cyber criminal to criminal enterprises that are looking to make online attacks part of a new business model.

“Cyber crime has become a more lucrative industry than trying to smuggle drugs across the border,” says Abdulhayoglu, “and it is actually far less risky.”

Moreover, just as criminals in the off-line world have specialties and thus unique skill sets that target specific businesses, so too are there specialized cyber criminals, putting more businesses at risk.

“It isn’t so much that some industries are more susceptible,” says Mark Bell, Executive Vice President of Operations for Digital Defense, “but there are now different threats based on particular industries.”

Money remains a big target, putting banks, credit unions and other financial institutions that move money in the cyber crosshairs, but money isn’t the only target. Defense industries and governmental institutions are also being targeted by cyber criminals and terrorists looking to gain information and find other vulnerabilities.

But regardless of whether money is the directly target, it is still all about the money in the end.

“There is the threat against intellectual property,” says John Kindervag, Senior Analyst at Forrester Research. “There are hackers who are looking to steal another companies R&D because they can sell the information to a company that has a small R&D budget. So it may be about intellectual capital or money, or just something you can turn into money.”

The threat is also increasing for smaller businesses and entities. While these had been largely ignored by cyber criminals, small and medium sized businesses have become the low hanging fruit for hackers.

“They don’t have the budget to be as diligent as larger companies,” says Kindervag, “But they still have data that can be monetized. It is like robbing a small bank or robbing a large bank. The smaller bank might have less guards and just as much money to steal.”

Doug Johnson, Vice President, Risk Management Policy, American Bankers Association agrees that smaller banks are indeed targets, just as much as larger institutions.

“We’re accustomed to being a target,” says Johnson, who adds “you are only as secure as your weakest link. It is up to the institution to conduct risk assessment and to mitigate risks, along with transaction monitoring. What is important is that the financial institutions have multiple layers of security.”

Johnson says that while threats do run down hill, and that cyber criminals may target larger banks before moving to community banks, the protection is also passed down.

“We represent the entire industry, so while we represent the largest banks, we also work with community banks around the country. This ensures that the larger threats to the big institutions are known to community banks. That protects the entire environment.”

Regardless of the size of the institution, there is concern that handheld devices are now opening new holes. A recent study from Origin Storage found that 41 percent of what should be a security savvy audience are carrying sensitive data on mobile devices unprotected. The study also found that 19 percent of respondent organizations suffered a data breach following the loss of a portable device that contains unencrypted data.

“Mobile devices are opening new holes to networks, and the addition of apps means corporate data is being put at risk,” says Tom DeSot, Executive Vice President and Chief Information Officer for Digital Defense, noting this is increasing a problem with small and medium sized businesses. “Things that connect wirelessly or via a USB tether are further adding new issues. It is hard for a small business to stay on top of everything.”

Protecting from cyber crime is also unfortunately becoming ever more difficult, in part because too many people are far too trusting online.

“When is the last time you opened the door blindfolded to someone you don’t know,” asks Abdulhayoglu? “Most people would never do this at home or work, but we do it every day in the digital world.”

Source:-http://www.cnbc.com

Read More

Crime Reporting Systems 'Incredible Police Burden'

Police resources are being stretched by onerous and unnecessarily complex crime reporting systems, according to a British crime expert.

Former detective superintendent John Gillon worked for 30 years in the Scottish police force, specialising in intelligence, cyber crime and information systems.

Mr Gillon now works with Memex Technology, a security consultancy firm. He was in Canberra this week to help its parent company, the SAS Institute, set up a public security centre in the Asia-Pacific.

Mr Gillon's research focuses largely on the way in which police officers record crimes on internal police information systems.

Those studies have shown that, since the mid-1990s, the process of creating crime reports had become increasingly onerous.

Mr Gillon said that for any single incident, a police officer was typically forced to enter reports in a range of separate records systems, including a crime reporting system, custodial records and a sex offenders register.

''[In] a piece of analysis that I did ... a simple domestic violence incident, an officer was required to input a free text explanation of what had happened into 11 different systems,'' Mr Gillon said.

''It means it can be an incredible burden, so it screams out for a more holistic approach.

''We also looked at the amount of time it took officers to input intelligence ... and it will surprise you to know that, in a very, very simple scenario, it took officers over four hours to input that information.''

He said by streamlining an officer's reporting requirements, and by creating a single, seamless police information system, forces would also greatly improve their ability to analyse intelligence.

Such a system, he said, would help intelligence analysts make connections between different crimes.

''They've all got this burden of disconnect between these key systems,'' Mr Gillon said.

''Ideally, you want to put information in once and once only, and carry that information forward,'' he said.

Source:- http://www.canberratimes.com.au

Read More

Anti-Cyber Crime: Eight Arrested

MANILA, Philippines — Operatives of the National Bureau of Investigation (NBI) Friday swooped down a posh village in Pasig City and arrested at least eight foreign nationals allegedly being hunted by the Taiwanese government for alleged cyber crime.

But NBI-National Capital Region (NCR) chief lawyer Constantino Joson declined in an informal news conference to give the identities of the arrested suspects. He said that they have yet to establish if the suspects are indeed Chinese, or Taiwanese or Hong Kong nationals.

“We are in the process of determining the real identifies and nationalities of the arrested suspects.” Joson said.

He said they have to be very cautious in their investigation to avoid any lapses.

Joson said the NBI agents, who were armed with a search warrant issued by a Manila court, raided the house at 421 Valle Verde IV in Pasig City, at around 12 noon last Friday.

NBI agent Lawyer Eduardo Ramos, in an interview, said the arrest of the eight foreign nationals stemmed from the request of Taiwanese Economic Cultural Office (TECO) that several natives from Taiwan, who were wanted for cybercrimes, were in the country.

In a letter sent to the NBI last April, TECO Police Liaison Officer Bart Lee informed the bureau that at least 10 groups, made up of 5 or more persons, had illegally put up a call-center like stations in different posh subdivisions which were used to victimized Taiwanese nationals.

Ramos, citing the letter of TECO, said that the foreign syndicates had transferred their operations in the country from different Southeast Asian countries due to the country's lax law enforcement.

“The information we received further stated that the group were allegedly involved in different cyber crimes like cyber sex and online lottery fraud among others,” he told the Manila Bulletin.

But even before they received the tip from TECO, Joson said that they had place the said residence under surveillance for three months already.

According to Joson, they were initially tipped by informants about the presence of the suspects in the area under very suspicious conditions.

Source:- http://www.mb.com.ph

Read More

20-year-old MSU Student Helps Crack Cyber Cases

VADODARA: He is just 20 and studying in third year of Bachelors of Engineering (BE), computers at Faculty of Technology and Engineering, M S University (MSU). But, he spends most of his time at the police stations in the city. Whenever, the cops come across cyber crime cases, they simply dial up Bhaumik Merchant's number. And, Merchant does not disappoint them. He has helped police officials crack many cases ranging from e-mail hacking to online financial frauds.

The cops have also been able to trace accused and take action against them in some of the cases. Interestingly, despite claims of having its own cyber crime cell, the cops have to rely more on such experts. "I was working as an intern with the crime branch last year when I came in touch with the police. I started working on some cyber crime cases that were registered in the police stations and got associated with the cops," Merchant told TOI.

"While I get to solve tough cyber crime cases, working for public cause also gives me satisfaction," Merchant said.

Last year, the city police got a case wherein a girl's photographs were picked up from her Facebook (FB) profile and cropped by her ex-boyfriend. The accused pasted his and her photographs on a certificate to prove that they were married. He sent that certificate copy to her fiancée who broke the engagement. Merchant tracked the case and even helped her close her FB account.

In a case of financial fraud, a resident of Wadi area lost Rs 40,000 from his bank account after he submitted his credit card number and bank account number to a website that promised him a lottery amount of 4.50 lakh British pounds. Merchant tracked the transactions and found that while the email came from Nigeria, money was withdrawn from Delhi.

"We come across several cyber crime cases in the city and Merchant has been very helpful. He has helped us solve many cyber cases. It is very necessary to keep case details confidential during investigations and despite being so young, Merchant has been very co-operative," said Gotri police inspector Shankar Chaudhary.

A senior cop admitted that the police department does not have cyber experts who can work on such cases and that there is a need to train policemen in tracking online frauds.

Source:- http://timesofindia.indiatimes.com

Read More

Check a/c Details if Phone Conks off

If your phone conks off next time, contact your bank immediately. It’s not due to poor signal, but because of your online transaction. Still clueless about how are your online transactions can be blamed if your cellphone conks off out of the blue. The cyber crime cell says fraudsters are using this modus operandi to fraudulently transfer funds from bank accounts of unsuspecting victims to theirs. And they work closely with the victim’s mobile service provider, which goes off inexplicably, stopping any SMS mentioning details of transaction from the bank to be sent to his cellphone. “This prevents alert from the bank to be received on the victim’s cellphone. Fraudsters use a replacement SIM card to send the transaction details to their phone instead, leaving no trail behind,” said a police officer from the cyber crime cell at Bandra-Kurla Complex police station.

“One group of accused manage to get the credit/debit card details of the victim by using means like phishing or hacking. Once they have the card details and can go through with any transaction, the role of the second group begins. The second group has to ensure that the victim does not receive an SMS alert about any transaction,” said a police officer.

In April, a city-based scientist lost Rs10 lakh after the accused fraudulently transferred money from his bank account to his using the same modus operandi. The cyber police, however, managed to track down Mohammad Yusuf Athar Shaikh, 25, to his south Mumbai residence who had posed as the scientist and got a replacement SIM card in the latter’s name. “One Minaz Athar Ali Tajwala, 35, whose cellphone was used to insert the replacement SIM card was also arrested. The duo were presented before the court on May 15 where Shaikh was remanded in police custody till May 18 and Tajwala till May 19,” said senior police inspector Nandkishore More of BKC police station.

Alarmed at this trend, joint commissioner of police (crime) Himanshu Roy said, “People should immediately check with their bank and service provider if their mobile network connection goes off inexplicably.”

Source:-http://www.hindustantimes.com/Check-a-c-details-if-phone-conks-off/Article1-698456.aspx

Read More

Workshop Held to Help Police Tackle Cyber Crime

The Gurgaon police has decided to turn the spotlight on cyber crime cases, which have been rising steadily in the city over the years. According to records, at least 100 cases of cyber crime were reported in the first four months of this year.

In order to solve these cases at the earliest and make police more efficient in this field, the Police department has roped in an expert from the Internet and Mobile Association of India to impart much-required training.

A one-day workshop in this regard was held on Wednesday, and it was attended by around 20 inspectors and sub-inspectors.

“We have to take the help of various agencies such as banks and Internet providers while probing cyber crimes. Most of the time, policemen do not know the exact information they need from these agencies, which results in a delay in solving the cases. At today’s workshop, we discussed these issues,” JCP Alok Kumar Mittal said.

Source:- http://www.indianexpress.com

Read More

Cybercrime 'Embarassing For Victims'

THE internet has opened up a lot of doors for criminals but the victims of cybercrime often feel too embarrassed to come forward, federal Justice Minister Brendan O'Connor says.

"The capacity through the internet to send (scam messages) to ... thousands and tens of thousands means that if only 0.001 per cent respond then it is still a significant number," he told a conference on victims of crime today.

Mr O'Connor, who is also the minister for home affairs, said he had met a man who had lost hundreds of thousands of dollars in an online scam.

"Like many victims of fraud the man was humiliated and embarrassed and this likely held him back from getting help," he said.

"Like fraud committed elsewhere, people affected by online fraud can be humiliated and they feel reticent about reporting their loss to authorities."

Mr O'Connor said he was looking at way of mitigating the risks of cybercrime. He opened the second day of the Meeting the Needs of Victims of Crime conference being held in Sydney.

Read More

Fraud, Facebook, Sources and Cyber Crime: The Grubb muddle

Yesterday Australia’s technology and media communities reacted Yesterday Australia’s technology and media communities reacted with shock at the news that theQueensland Police had arrestedFairfax journalist Ben Grubb in response to material he had obtained while reporting a story on how a security researcher managed to bypass Facebook’s privacy settings to access someone’s private photos.

This incident raises questions relating to the scope of Australia’s cybercrime legislation, the questionable judgment of the Queensland Police in deciding to pursue the journalist who reported the story (and not as yet the researcher who managed to obtain access to the private photos), and whether Australia’s laws provide proper safeguards for journalists.

However, before considering the broader policy implications of this situation, it is worth outlining what I understand to be the legal basis for the actions of the Queensland Police.

On Sunday, security expert Christian Heinrich gave a presentation at a BSides Australia event at the Gold Coast, titled "For God Your Soul... For Me Your Flesh". In that presentation Heinrich demonstrated how he had gained access to the privacy-protected Facebook photos of the wife of HackLabs director Chris Gatford.

Although the journalist Ben Grubb was not at that presentation, he was given an hour-long presentation by Heinrich shortly after he presented. On Tuesday Grubb published a story on the Sydney Morning Herald website that outlined the outlining the Facebook privacy vulnerability that Heinrich maintained could allow for privacy-protected photos to be accessed without being the user's "friend". Crucially that story, when first posted online, included a blurred image of the photo that Heinrich had obtained.

The Queensland Police presumably saw that story, with the photo, and believed that Grubb therefore may have had evidence relating to a criminal offence. To reach this conclusion, the Queensland Police must be of the view that Heinrich may have committed a criminal offence when he obtained access to a privacy-protected Facebook photo.

Section 408E of the Queensland Criminal Code Act 1889 deals with computer hacking and misuse. However, as Heinrich did not use “a restricted computer without the consent of the computer’s controller” to obtain access the privacy-protected photo, that provision would not apply.

As such, we can only assume that the Queensland Police believed Heinrich may have committed one of the computer offences that were inserted into the CommonwealthCriminal Code Act 1995 by the Cybercrime Act 2001 (Cth). One possibility is section 477.1, “Unauthorised access, modification or impairment with intent to commit a serious offence”, as Heinrich arguably caused unauthorised access to data held on a computer by means of a telecommunication service, knowing that the access was unauthorised. However, for it to be an offence under section 477.1, Heinrich would also need to intend to “commit, or facilitate the commission of, a serious offence against a law of the Commonwealth, a State or a Territory” by that access. To date there is nothing to suggest Heinrich had such an intent (in fact, quite the opposite; he was simply seeking to highlight a security vulnerability of Facebook).

However, the element that Heinrich had intended to commit a serious offence, is not required under section 478.1 of the Commonwealth Criminal Code Act, “Unauthorised access to, or modification of, restricted data”. Heinrich may have infringed this section as arguably caused access to restricted data, in the form of privacy-protected photos, by means of a telecommunications service, with the intent to cause the access and knowing that the access was unauthorised.

The problem with the argument that Heinrich has committed an offence under the Commonwealth Criminal Code Act, is not that one or more of the provisions doesn’t technically cover what Heinrich did, it is that the provisions were drafted in such a way as to be deliberately broad. This makes it quite difficult to know the precise scope of the offences and means that the sections could be construed to potentially covers acts where individuals should not be held to be culpable, either morally or legally.

It seems to me that the actions of Heinrich may well be of this nature. The means by which he obtained access to the privacy-protected photos involved exposing a privacy flaw within Facebook. It is not a case of “hacking” in the sense most people would think of the term.

The broad nature of these provisions means that law enforcement agencies could potentially enforce and apply the law inconsistently and arbitrarily, even including what could be an everyday activity. For example, anyone who gains access to someone else’s privacy-protected Facebook photos, could potentially commit an offence under section 478.1 of the Commonwealth Criminal Code Act. It is illogical to maintain that mere access to someone else’s privacy protected photos should be a criminal offence, especially when Facebook itself makes no such guarantee against unauthorised access in its own Privacy Policy:

Risks inherent in sharing information. Although we allow you to set privacy options that limit access to your information, please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users with whom you share your information. We cannot guarantee that only authorized persons will view your information. We cannot ensure that information you share on Facebook will not become publicly available. We are not responsible for third party circumvention of any privacy settings or security measures on Facebook. You can reduce these risks by using common sense security practices such as choosing a strong password, using different passwords for different services, and using up to date antivirus software.

Furthermore, when you post your photos to Facebook, the terms of service of Facebook mean that you giving a broad intellectual property license to Facebook to use those photos:

For content that is covered by intellectual property rights, like photos and videos ("IP content"), you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook ("IP License"). This IP License ends when you delete your IP content or your account unless your content has been shared with others, and they have not deleted it.

Against this legal backdrop, I maintain that would be overkill to prosecute Heinrich for an offence under the Commonwealth Criminal Code Act, even if the way the legislation has been drafted may technically cover his conduct.

Nonetheless, for the Queensland Police to arrest Grubb in the manner in which they did, they must nonetheless have reached a view that Heinrich had committed an offence. This is because Grubb was arrested (although not charged) under section 433 of the Queensland Criminal Code Act 1889 which provides that “A person who receives tainted property, and has reason to believe it is tainted property, commits a crime”. Tainted property is defined in section 431 to be “a thing that has been obtained by way of an act constituting an indictable offence”.

Section 433 is an updated version of the old offence of receiving stolen property. Indeed, it is commonly used to prosecute people who have received stolen property, or who are suspected of having stolen property, but cannot be prosecuted for the stealing itself because of a lack of evidence.

In any event the Queensland Police must have formed the view that the photo Grubb had was tainted property obtained by way of an act constituting an indictable offence, possibly by fraud.

Once again, while it may be argued that the Queensland Police were within their rights to arrest Grubb, whether they should have appropriately reached that decision in these circumstances is highly questionable for several reasons.

First, as of last night the Queensland Police were yet to arrest, let alone even question, Heinrich. It seems very strange indeed that they decided to arrest Grubb and yet not even talk to Heinrich.

Second, the suggestion from the head of the Queensland Police Fraud Squad, Brian Hay, that receiving a photograph obtained from a Facebook account without the user's permission is the same as receiving a stolen TV, is in my mind a flawed analogy, especially when you consider the sharing of content in the digital environment and Facebook’s own policies on that matter. I’m sure the Fraud Squad wouldn’t really want the police being contacted every time someone obtains a Facebook photo without the user’s permission.

Third, Grubb is a journalist and was simply reporting on a matter that is of some considerable public interest. There may not be any explicit legal protection for journalists in this situation but you would hope that the Queensland Police would only arrest a journalist in extraordinary circumstances. This, clearly, is not one of those situations. Indeed you would expect that technology journalists would and should report on any instances of Facebook privacy vulnerability.

A related aspect to this is the fact that the Queensland Police seized Grubb’s iPad under the Police Powers and Responsibilities Act 2000 (Qld). While I am not disputing that they had the legal authority to do so (especially given the assumptions they had already made up to that point), I think it is very concerning that the police would decide to seize what effectively was his – a journalist’s – notebook. Journalists understandably need to maintain the confidentiality of their sources, and this should be no different in the digital age.

I think that the Queensland Police have not exercised good judgment in this matter. However, it also raises more substantial issues for potential law reform. In addition to looking at whether we need to reconsider the drafting of our cybercrime legislation to ensure that it is not overly broad, it highlights the need to also think about providing greater protections to journalists in future similar situations.

There is no doubt that the digital age and new communication technologies pose challenges for the legislature as well as for law enforcement. This is why it is vital that we use moments like this to continue the process of updating and modernising the law – both as it is written and as it is applied – to ensure it that strikes the appropriate balance in the future.

Peter Black is senior lecturer in law at the Queensland University of Technology, teaching and researching constitutional law and internet law.

Source:- http://www.abc.net.au/unleashed/2719142.html

Read More

HIGHFLEET, Inc., Announces the Release of the Latest Version of its eXtensible Knowledge Server

Users can now work with what their data means instead of struggling with a fire hose of data, CEO Mike Davis said.

Baltimore, MD: Semantic Technology firm, HIGHFLEET, Inc., announced today the release of the latest version of its eXtensible Knowledge Server (XKS) ontology-based deductive database. HIGHFLEET'S systems of Semantic Federation and its XKS software are providing software and business solutions in the U.S. Intelligence Community, law enforcement, pharmaceuticals, collaborative decision management (Purus Technologies, Canada), analytics and cloud security (FluidOps, Germany), cyber security, manufacturing knowledge capture and reuse, medical informatics (MDLogix, U.S.) and social network analysis.

"HIGHFLEET has the only mature, scalable first order logic-based deductive database that continues to find increasing use in "clean sheet" installations and as an embedded capability in other firms' products and solutions," said HIGHFLEET CEO, Mike Davis.

Says Davis, "The 1980's database technology in use today and its expensive stack of applications struggle to make sense of data and do nothing to solve the "drowning in data" problems faced by Government agencies and Commercial firms."

HIGHFLEET'S "clean sheet" deductive database software and Semantic Federation of Legacy Databases solution use the same deductive reasoning that humans use to knit the world together in an understandable fashion. Only HIGHFLEET'S systems do this reasoning much faster, over large models (ontologies) and large amounts of data. Users can now work with what their data means instead of struggling with a fire hose of data.

What is easy for a human mind and for HIGHFLEET'S systems to understand and interpret is impossible for traditional databases and their applications to make sense of.

For example, everyone knows that two people can't be in the same place at the same time. People also know that a battalion can't be subordinate to a platoon and that sons can't be older than their fathers.

But databases don't know these things and today's companies are swamped with data they have to manually interpret.

But with HIGHFLEET'S eXtensible Knowledge Server companies can stop drowning in data and use a system that can reason over meaning rather than just dump data that analysts need to interpret.

The examples of problems in industry run from the mundane, but still expensive to solve with traditional approaches, to the complex that can't be solved with traditional approaches.

For example a Program Manager in a Defense company wants to assemble a team for a project. She uses the human resources database to find the appropriate people, including Systems Engineer, John K. The trouble is, John K. is dead, but still on the HR database, as are several people who left the company. Our Program Manager even gets email notices that someone on the HR database is slated for Ethics Training, but they are no longer with the company.

In a semantically federated system a database that shows John K. is no longer being paid would inform the HR database that he's not with the company and he would be removed from the database. A seemingly mundane issue, unless your company has thousands of employees and thousands of mistakes.

Another example has our Program Manager's various Government customers wanting their invoicing done differently. She has to employ people making six figures to manually fill out these forms, driving overhead costs through the roof. With HIGHFLEET'S software, these forms would be automatically filled out, keeping Operations and Maintenance costs down and making the firm more competitive.

Another example from a current HIGHFLEET project has a major pharmaceutical firm with a complex analysis problem whose solution is worth nearly a billion dollars. The analysis requires data from numerous sources to feed a rich ontology (model) of the problem. HIGHFLEET's Semantic Federation of Legacy Databases captures the meaning of data in different databases, and leaves it in place for local use while answering hard analysis problems for the enterprise. Only HIGHFLEET'S systems can both model the problem and reason over the problem model and data to give a force multiplier for analysis.

Multiply these problems many thousand fold in medium to large firms across the nation and it's a safe bet that a significant portion of the country's gross domestic product is wasted because companies don't have deductive systems like HIGHFLEET'S.

For more information about the company, please visit www.highfleet.com

Read More

3G Technology Vulnerable To Cyber Crime

As 3G mobile services are set to be rolled out soon in the country, cyber experts sound a word of caution about the high tech enabled mobile phones, which they say are more vulnerable in the world of technology related crimes.

While the next generation technology aims to make life simpler enabling downloading of movies and music within minutes, it can also be used for various unscrupulous activities.

"With 3G, cell phones will have faster broadband Internet and with such speed you can watch television live, make video calls and download music and movies in no time. But through spying software and virus, the hacker can easily break into your system," says Shubham Sahu, a cyber security expert.

"The hacker can record all the audio conversation and video files. Not many people in India install anti-virus in the phones. I would recommend them to install anti-virus and fireballs while using 3G, says Mukesh Tiwari, who recommends switching off the bluetooth function of the phone when not required to protect the user's password.

Not limited to an individual's privacy issues, the 3G technology will also lead to increase in piracy of films and music, thereby giving a staggering amount of losses to the entertainment industry that is battling the piracy threat.

"It will become extremely easy for anybody to download an entire Bollywood film in few minutes using 3G. This is going to lead to further tremendous growth of websites like torrents"

The Internet and Mobile Association of India (IAMAI) points out that Bollywood would be hit most by the 3G and wants service providers to adopt a stricter approach to check cybercrimes.

"Today it takes several hours to download a new release Bollywood film but with 3G it will be in minutes that will encourage people to use illegal means to view a film"

According to a Pricewater house Coopers report titled, "Indian 3G broadband subscribers," the mobile subscriber base is projected to cross one billion in 2014. The 3G broadband subscriber base is expected to cross 107 million by 2015.

Laws are there to protect but our police agencies are yet not ready to take-up the cyber crime challenges, especially 3G. They need to be trained to tackle the growing usage of Internet by criminals" says Shubham.

Read More

One Held For Cyber Crime

CHANDIGARH: UT police arrested the owner of an animation, web and fashion institute, Morph Academy-34, Ajay Sharma, for sending vulgar messages and creating an obscene profile of a woman on a social networking site on Tuesday. The woman is an employee of another animation institute in Sector 34.

Police said Dalip Chand, director of E-Visual Media, lodged a complaint against Sharma, alleging sent vulgar SMSs about the company and pasted an obscene picture of an employee on a social networking site. The complaint was probed by cyber crime investigation cell and an FIR under IT Act and IPC was registered. Sharma is a resident of Sector 29 and he would be produced in district courts-17 on Wednesday.

Read More

Cyber Law Risks Making The 'Ordinary' Criminal: Expert

A senior lecturer in internet law says the arrest of a Fairfax journalist over his receipt of an unauthorised Facebook photo "defies sensible explanation" and the entire matter exposes serious failings in Australian cyber crime laws.

Peter Black, senior lecturer at the Queensland University of Technology, said Australian laws on cyber crime were so broad that they criminalised much "ordinary activity". He said it was very unusual for police to spring into action over an alleged theft of digital photos.

'We're still cutting our teeth' ... QLD Police fraud squad head Brian Hay this morning. Photo: Munir Kotadia/ZDNet.com.au

Fairfax deputy technology editor Ben Grubb was arrested by Queensland Police yesterday and threatened with charges relating to the receipt of "tainted material". The material pertained to a story Grubb published yesterday revealing that a security researcher managed to bypass Facebook's privacy settings to access someone's private photos.

At a press conference this morning, the head of the Queensland police fraud squad, Brian Hay, admitted that police were "still cutting our teeth" in the rapidly evolving online environment.

However, he equated receiving an unauthorised photograph from someone's Facebook account with receiving a stolen TV.

Fairfax journalist Ben Grubb.

Online users lobby group Electronic Frontiers Australia has taken particular issue with this statement, saying comparing a digital photo to a stolen TV was unhelpful.

Mr Black said security researcher Christian Heinrich, who obtained the Facebook photos, potentially breached section 477 of the Commonwealth Cyber Crime Act.

"It is possible based upon a reading of [the Act] that the original action to access that private Facebook page may actually constitute a criminal offence because it does provide that a serious offence is one where a person has gained unauthorised accesss," he said.

"The phrase 'unauthorised access' may include the activity that was done in this instance even though there was no hacking in the traditional sense."

Despite investigating this matter, Queensland police confirmed that it had not referred it to the Australian Federal Police for investigation. An AFP spokeswoman said that, despite the Cyber Crime Act being a Commonwealth law, state police would still be able to charge Heinrich without AFP involvement.

Mr Black said the Cyber Crime Act was at odds with Facebook's terms of service, which says there are no guarantees private photos will not be accessed. He said when users upload photos to Facebook they were granting the company a "non-exlusive licence" to use the photo but Facebook did not obtain ownership of it.

The way the Cyber Crime Act was drafted was so broad that a whole range of "more or less ordinary activity" could attract criminal charges, Mr Black said.

"This is a common criticism of the Cyber Crime Act, that it has been drafted too broadly ... basically it could encompass any activity whereby someone gains access to someone else's website or social networking platform even in the absence of what anybody would consider to be hacking," he said.

"They might guess a password, they might obtain it by accident ... all of these things could be nonetheless considered a criminal offence with a penalty of up to 10 years."

Mr Black said that Grubb, by receiving one of the photos taken by Heinrich, potentially breached Queensland state laws regarding receiving "tainted property".

He said the speedy and heavy response of police in targeting Grubb was "totally inconsistent" with how police would usually respond to this sort of matter and it "just defies sensible explanation".

"[Typically] if someone called up the police saying someone has accessed my Facebook page and taken my photos, they wouldn't get very far," Mr Black said.

Colin Jacobs, chairman of Electronic Frontiers Australia, said security professionals explosing flaws in services such as Facebook should be given "a little leeway" by police and that went double for a journalist covering the story.

Mr Jacobs said police comparing a digital photo to a stolen TV was unhelpful.

"It's obvious that physical theft is a completely different beast to the movement of information online. Nobody can email you a stolen television without your foreknowledge," Mr Jacobs said.

"It reminds me of how we are constantly told downloading a pirated movie is theft. It's not, but comparing it to a physical theft will compromise our ability to think clearly about the issue and the new challenges these events place on our traditional methods of dealing with them."

Mr Jacobs also criticised Queensland Police for spreading "misinformation" on Twitter when it initially denied that Grubb was arrested.

After Grubb had tweeted about his arrest, the media unit tweeted that he had not been officially arrested, but it was forced to retract that statement this morning.

"Our bad @bengrubb was arrested for questioning briefly Our tweet last night was based on information provided at the time Apologies," it said this morning.

"Oops, 'our bad' isn't a good enough response. If the police are going to be responding to real-time events on Twitter they'd better make sure they aren't misleading the public by doing so," Mr Jacobs said.

Grubb's iPad is still in police custody and there has been no word on when it will be returned.

"Unless the police are sure there's a very good case to answer we hope Ben gets his gear back as soon as possible," Mr Jacobs said.

Read More

It's a Bad News World of Cyber Crime: Sony

Sony chief Howard Stringer has warned he can no longer guarantee the security of the electronics giant's gaming network in the "bad new world" of cybercrime after one of the biggest internet data breaches.

The Japanese multinational has begun restoring its hacked PlayStation Network and Sony Online Entertainment services after the theft of personal data from more than 100 million accounts in a cyber attack estimated to have cost the firm $US1 billion ($A942.2 million).

The company has bolstered security but Stringer, speaking for the first time on the crisis on Tuesday, said protecting private information was a "never-ending process" and he did not know if anyone could be "100 per cent secure".

Advertisement: Story continues below

Sony shut down the PlayStation Network and Qriocity music streaming service on April 20 after its data centre in San Diego was hacked - but it did not reveal the breach until April 26.

The company has said it cannot rule out that millions of credit card numbers may have been compromised.

Stringer, 69, warned hackers may one day target the global financial system, the power grid or air-traffic control systems.

"It's the beginning, unfortunately, or the shape of things to come," he told Dow Jones Newswires. "It's not a brave new world - it's a bad new world."

The breach is a huge blow for Sony as it focuses on pushing content such as games and music through hardware platforms including game consoles, smartphones and tablet computers amid competition from Apple's iTunes and App Store.

Sony was lashed by bitter criticism over the crisis which overshadowed the earnings bounce-back made by the firm after two years of losses.

Stringer hit back at politicians and internet privacy advocates who said Sony should have alerted subscribers to the threat of a possible data theft sooner.

He said Sony did not know conclusively until April 25 that personal information had been accessed and added that talking publicly about the company's suspicions before gathering evidence would have been "irresponsible".

"We were trying to find out in a very volatile situation what had happened and when we did we relayed it," said Stringer.

"If your house has been burglarised, you find out if you've lost something before you call the police," he said.

Stringer said the Federal Bureau of Investigation probe into the matter was still ongoing but declined to provide an update on the findings.

The CEO said it was too early to assess the financial impact of the outage, with the company reporting its full-year results on May 26, but analysts estimate the breach will cost the company as much as $US1 billion.

Source:- http://news.smh.com.au/breaking-news-world/its-a-bad-new-world-of-cybercrime-sony-20110518-1esid.html

Read More

How to Protect your Mac from Recent Malware

Recently a new series of Trojan horse attempts have targeted OS X users with downloadable malware applications that try to lure you to providing personal information, and with malicious Web sites that trick you into downloading malware onto your systems. Despite warnings about these new malware attempts, numerous people have fallen for these efforts and have downloaded and installed the malware distributed by these sites.

In the past few days since these scams surfaced, a number of MacFixIt readers have contacted us wondering about whether or not their systems are safe after having seen the site on their systems or even downloading the files to their computers. They want to know what they can do to check for and remove the malware.

What the recent malware does
If you have seen the "Apple Security Center" Web site and have clicked on the "Remove All" button, the site will download an installer file for malware that runs locally on your system. The program is distributed in several forms that so far have taken the names "Mac Defender," "Mac Security," and "Mac Protector." When installed it will run in the background and launch pornographic Web sites and other unwanted content, and show a fairly clean and crisp-looking scanner interface that will ask you to purchase an upgrade.

If you provide your information to the program, you chance identity theft and charges to your credit cards.

Removing it!
Luckily the malware is fairly easy to remove, as it basically runs as a background process on your system that is launched by an action the user takes (logging in, etc.). If you have not installed any programs or opened any files downloaded from these sites, then you should be good to go and can just delete the downloaded files. If you have only visited the site and have not downloaded any files, then you do not need to do anything.

However, if you have opened the downloaded files and especially if you are seeing the malicious behaivor (unwanted pornographic sites randomly opening), or the scanner program launching and saying you have infected files, then you will need to check for and remove the program. To remove it, follow these steps:

1. Shut it down.
   Open the Activity Monitor utility and perform a search for the malware (or browse through the list of running processes for it--sort by name to prevent the list from jumping around). The malware should be called "MacDefender," "MacSecurity," or "MacProtector" and will be running under the current user's name (see the "User" column of activity monitor). Reputable antivirus software for your system will be running under the user name "root" and will have required a full installation that required you to supply your administrator credentials.

   With the malware selected in Activity Monitor, click the "Quit Process" button and confirm to quit it (use the force-quit option if it will not quit).

   If you want to use the Terminal to do this, you can run the following command to kill the processes by name (the "sudo" portion may not be needed, but this will ensure the system can fully kill the running processes):

   sudo killall macdefender macsecurity macprotector

2. Remove the program.
   Go to the /Applications folder and move the program to the trash (it should likewise be called "MacDefender," "Mac Security," or "Mac Protector"). Also locate the installer file (likely in your Downloads directory, or wherever you have Safari store downloaded items) and move it to the trash as well. When you have done this, empty the trash.

3. Remove references to the program.
   So far the program is launched at log-in by the system's "Login Items" feature. Go to the "Accounts" system preferences and choose your account name. Then go to the "Login Items" tab and remove any reference to the software from that list.

Ongoing protection
With the malware removed your system should be good to go; however, there is always the possibility that the malware will change in the future and adopt a new name or a new method of trying to trick users. Generally malware is more prevalent on underground, software piracy, and pornographic Web sites, but numerous people have reported the current Trojans showing up when browsing MSN and other reputable sites. Therefore, in order to better protect yourself you may need more than basic Internet "street smarts." To better protect your system, try some of the following suggestions:

1. Disable auto-handling of files
   Apple supplies a few options to automatically handle files, including the option in Safari to automatically open "Safe" files. Unfortunately the files that Safari considers to be "Safe" are not always so. Therefore, go to Safari's preferences and uncheck the option to open safe files.

2. Always manually install programs or open documents

   In addition to Safari, check your other Internet-based programs such as e-mail clients, chat programs, and Web browsers to see if they automatically launch files received from the Internet. For instance, Mail has an option to automatically add iCal invites to your calendars. Turn this feature off and manually click on any received invitations only after you have confirmed they are legitimate. Do this for all files received on your system.

3. Install a reputable malware scanner.

   There are a number of reputable malware scanners out there, so purchase one, install it, and keep it updated with the latest malware definitions. Some of these scanners are free, and others are commercial products (this list is not complete):

   1. Sophos Antivirus (Mac Home edition)--This is a reputable package that has a free "Home" version available for Mac users.
   2. MacScan--This is distributed by the "SecureMac" developers who run the SecureMac.com blog on Mac malware and other security threats.
   3. Intego VirusBarrier--Another long-standing Mac antivirus utility, VirusBarrier has tackled this threat from when it first came out.
   4. Kapersky--Kapersky is a reuptable program for Windows and Linux, and also has an option for OS X users. Some virtualization programs for OS X ship with trials of Kapersky antivirus.
   5. ClamXav--This is a popular and free open-source antivirus scanner.
   6. iAntivirus--this is a free Mac-specific virus scanner for OS X users.
   7. Avast--This is a commercial antivirus suite that has been developed for OS X, and is a reputable option for Windows as well.
   8. MacKeeper--This is a maintenance and OS tweaking tool that has a ClamAV client
   9. Norton Antivirus--One of the longest-standing antivirus and security suites for OS X.
   10. McAfee VirusScan--McAfee's VirusScan developed from the original "Virex" for Mac, and has been developed since into a solid option for OS X users.

4. Set up specific downloads folders
   Know where your programs download files on your system. By default most will use the system's Downloads folder; however, some will place files in other locations on your system. Here are some common folders where files may be downloaded:

   1. /username/Downloads
   2. /username/Public
   3. /username/Documents/FOLDER
   4. /username/Library/Mail Downloads
   5. /username/Library/Application Support
   6. /username/Library/FOLDER

   In these paths, the name "FOLDER" can be the name of the application or a designated downloads folder for that application. For instance, the downloads folder for Mail is called "Mail Downloads" where various attachments are stored. If possible, set up your programs to download files to the same folder so files can be easily managed. Do this for chat programs, e-mail clients, and Web browsers.

   Protect your backups by excluding these download folders from them. This can be done in Time Machine's preferences or in the settings for a drive cloning utility if you use one.

   Additionally, set up an antivirus utility to regularly scan these download folders for threats. If you set your scanner, do check these folders "on access," then they will check files as they are added to the folders. Currently it is not necessary to scan your whole system "on access" (though this is an option) but I would recommend regularly scanning the entire user folder periodically (once a week, or once a month) to cover all the less commonly used download folders that may have been set up by various programs you use.

Source:- http://reviews.cnet.com/8301-13727_7-20063683-263.html

Read More