Cyber Security

pareshR

Well-Known Member
With the computers becoming insecure, I wonder if it is the time to DeepFreeze my C drive and install the applications on D drive. It would be a big headache to maintain and update regularly, but probably worth it.

Here is the latest cyber attack. I guess it's only a matter of time before the cloud storage also become insecure.

http://indianexpress.com/article/te...does-how-to-protect-your-pc-and-more-4725476/
always use registered/licensed version antivirus
 

Blackhole

Well-Known Member
With the computers becoming insecure, I wonder if it is the time to DeepFreeze my C drive and install the applications on D drive. It would be a big headache to maintain and update regularly, but probably worth it.

Here is the latest cyber attack. I guess it's only a matter of time before the cloud storage also become insecure.

http://indianexpress.com/article/te...does-how-to-protect-your-pc-and-more-4725476/
always have multiple os installed ..... keep os in c: and install all the app in other drive thus giving ur os enuf of space to work smoothly....if using windows...have a defender and antivirus installed......install os in high speed pendrive along with trading software so in case ur pc is infected trading can be done using ur usb pendrive without using ur windows(pc).

use vmware /vmplayer ...i mean virtual machines on ur system with trading software and browsers.....if naughty kind of person then do all ur mischiefs ;) on virtual machine.....ur pareNT OS will be protected.:)....

virtual machines can have multiple different os and all can run at the same time if ur system have enuf resources.

for traders missing opportunity is more bigger crime. one opportunity can wipe all ur mistakes in similar fashion of mistake wiping up entire account ;)
 
This Petya saga will last a while, it seems.


Petya cyber attack: This is a wiper, not ransomware and much, much worse

Petya cyber attack that swept globally, and has infected enterprise networks across Europe is actually much worse than initially thought. Security researchers have now come to the conclusion that the Petya attack is not a ransomware, but a wiper instead.

By: Tech Desk | New Delhi | Updated: June 29, 2017 10:09 am

The Petya cyber attack that swept globally, and has infected enterprise networks across Europe is much worse than initially thought. Security researchers have now come to the conclusion the Petya attack is not a ransomware. If one thought that was good news, it is not. Petya is being termed as a wiper by researchers, with the aim being mass destruction of data. The idea was never to collect money from victims or enterprises.
Researchers have compared the code of the 2016 and 2017 version of Petya, and concluded the latest version is a wiper. This was first reported by Matt Suiche, who is founder of the cyber security firm Comae. He has put out a detailed blogpost on Medium (blog.comae.io) explaining why Petya is wiper, not a ransomware. Cyber security firm Kaspersky has also come to the same conclusion in a separate blogpost.

According to Suiche’s blogpost, this current version of Petya is deleting, wiping all the first sectors of the disk, and causes deliberate destruction of data. In his blogpost, Suiche has explained the difference between wiper and ransomware. He writes, ”a wiper would simply destroy and exclude possibilities of restoration.” With ransomware, the idea is always to get the victim to pay and then restore the data.

Based on early analysis, Suiche has concluded that the 2017 version of Petya is also exploiting the EternalBlue and EternalRomance vulnerabilities in Microsoft’s systems. He writes, “After comparing both implementation, we noticed that the current implemented that massively infected multiple entities Ukraine was in fact a wiper which just trashed the 25 first sector blocks of the disk.”

The researcher’s conclusion is that this attack is deliberately overwriting the data on the disk, and this is not read or saved anywhere else. He says the main difference between the 2016 and 2017 Petya is that the earlier version modified the disk in a way that it was possible to get the data back. In the new version, the damage is irreversible.

Suiche also says this could be an attack from a nation state, rather than some mysterious hacker group. He views it as a deliberate attempt to mislead the media narrative by pretending this was a ransomware attack. Meanwhile Kaspesky’s analysis shows that the disks can’t decrypted even if the payment is made. Even when news of the attack first broke, research firms had warned victims against making payments to the hackers.

Kaspersky has also concluded this attack was wiper pretending to be a ransomware. The firm also analysed the installation id that is flashed on a victim’s screen, which they say is just generating random data. It cannot contain information to get the decryption key, says the firm. The conclusion is the attacker can’t actually decrypt the disk. Just like Suiche, Kaspersky also believes like the idea was destruction, not financial gain.
 

Raju

Well-Known Member
Security Issues are increasing day by day.Those using pirated software get into trouble early.Licensed software holder ( updated patches / fixes ) get less troubled.

I was using Data Downloader ( for 1 min quotes from google finance) , it got deleted by Microsoft Security Essentials today ....message was ...it contains Malware...
 
There was a program on India TV today about mobile security. I found that the government has started a "Cyber Swachhta Kendra" which offers guidance about mobile security and free malware removal tools. Any feedback on this ??

http://www.cyberswachhtakendra.gov.in/

.
 
A WhatsApp message is crashing smartphones, here's why
A mysterious WhatsApp message is causing smartphones to crash. We found out the reason behind it.

By Digit NewsDesk Published Date
07 - May - 2018
| Last Updated
07 - May - 2018





A mysterious message is making Android and iOS devices crash. When tapped, the message is making the WhatsApp crash along with the entire device.

The message which includes a black dot is causing the mayhem.

The message itself is self-explanatory. It says “If you touch the black point then your WhatsApp will hang.” We independently investigated and can confirm the message indeed crashes the app, although relaunching the app seemed to fix it.

According to Slashgear, it’s a typical message bomb that’s causing the crash. Message bombs are specially crafted message with hidden symbols in between spaces. When you tap a portion of the text, the app will make the message ‘expand’ to show the hidden symbols that overloads the app and sometimes, even the OS.

The publication reported two such messages are doing the rounds. Both includes these special characters that are invisible but are used to change the behaviour of the texts. There are 6000 invisible unicode characters alternating between ’200E’ and ’200F’. The two characters are usually used to indicate left-to-right and right-to-left writing. The creator of the bug put an even number of the character that did not change the direction of the text, but WhatsApp couldn’t process that many direction changes as they are all loaded into memory which has a physical limit.

The message is reportedly made by a Reddit user ‘DieHoe’ who put the code for the message on Pastebin. He reports, “the Message is so heavy, my smartphone is dying when I try to copy or paste it... The Pastbin website isn't even loading / working correctly on android.”

It seems, however, only WhatsApp is crashing while trying to read the message. Facebook Messenger is reportedly blocking the message.
Interesting nonetheless, it’s one of the less alarming news to come from WhatsApp recently. Last week, WhatsApp CEO resigned after a disagreement over privacy policies while earlier, co-founder Brian Acton who had left the company last year tweeted it’s time to delete Facebook in the aftermath of the Cambridge Analytica scandal.
https://www.digit.in/internet/a-whatsapp-message-is-crashing-smartphones-heres-why-40896.html
 
Here is a matter which belongs to this thread :

http://www.traderji.com/community/t...-300-trading-days.107128/page-10#post-1316741

"well, i never thought i would lose money from my trading account so imagine my state now as i have a fraud in my bank account and lose money there. someone has withdrawn the full amount and left behind just 341 odd rs and the bank has no idea how it happened. i had close to 1.8 L approx.
today was spent in running around filing the police report and bank complaints.. met a old friend at the cop station with a similar report in hand :oops:
(he lost some 45000 rs in the same way).....
"

Related posts :

http://www.traderji.com/community/t...-300-trading-days.107128/page-10#post-1316807

"i was asked to upgrade my old ATM card that was non-chip based to the new chip based card via the ATM warning that only chip based cards would be functional now on. so l got a new card accordingly and was informed by the bank that my old card should be destroyed as it stood cancelled automatically after my new card pin was set by me at the branch itself and tested as functional. (i got my new card a week back)

now the withdrawals have all taken place from various ATM's in Mumbai within the last week. some dozen customers who replaced their cards last week from the same branch as me have been duped the same way. (PNB)

surprisingly - i did not receive any mobile alerts during this period. it was only when the ATM declined my withdrawal transaction day before yesterday that i was aware of this.

i called the helpline from the bank itself and was told that 24 hrs prior my call the branch (bank) had already lodged a complaint in this matter and was given the reference number. i was told that the bank tried to reach me on my mobile although i had no missed calls on my mobile as proof of the same. the bank had already filed the complaint and for the record keeping and filing - they had my signature pending and that is when i went through the file and realized it was close to a dozen and not just me alone.

i was informed by the manager that there were some net banking transactions but most ATM withdrawals - the method by which the money was siphoned off - from most of the customers.

although the manager assures us that we will be refunded the amount shortly(?? - no idea when) i am not very optimistic to be honest.

that about sums it all up i guess "
 
Facebook bug exposes photos of 6.8 million users


Facebook has discovered a bug that affected close to seven million users, exposing their photos to app developers. In a blog post, the social media giant said the bug affected people who used Facebook Login for third-party apps and granted them permission to access their photos.

The Facebook bug may have affected up to 6.8 million users along with up to 1,500 apps. “We have fixed the issue but, because of this bug, some third-party apps may have had access to a broader set of photos than usual for 12 days between September 13 to September 25, 2018,” Facebook said in a post.

The bug not only exposed photos that were posted on Facebook by the affected users, but also photos that the user uploaded to the platform but chose not to post them due to technical or other reasons.

The company said it stores a copy of photos that the user uploads but does not finish posting it. In addition, it also exposed photos that were shard on Marketplace or Facebook Stores.

Facebook has said it will soon notify people who were potentially impacted by his bug and users can check if they ave used any apps that were affected. The company will also work with developers to deleted photos from impacted users.

Facebook is under the scrutiny for security-related issues and how its management handled the Cambridge Analytica data scandal. Last month, Facebook account data of 120 million users, including their personal chats, were allegedly compromised and put up for sale on the Internet, as per a BBC Russian Service report.

Prior to this, the company posted about a vulnerability in its code that lets people preview how their profile appears for others. Facebook claimed that 30 million users had their access tokens stolen by exploiting 400,000 accounts.


https://indianexpress.com/article/t...llion-users-heres-everything-to-know-5494907/
 

Similar threads