Duqu is a Remote Access Trojan designed to steal data from computers it infects.
Duqu seems to have been designed to steal information from vendors of industrial control systems. It is an intelligence gathering agent.
Continue reading “Tech Terminology Demystified – Duqu Trojan”
Click jacking is used by an attacker to collect information from user’s clicks. The attacker can do any type of things by launching this type of attack for example taking control of users microphone, webcam, adjusting the user’s computer settings, sending the user to Web sites that might have malicious code. Continue reading “Click Jacking – Hijacking the Click”
Federal authorities are investigating a hack that resulted in the burnout of a water pump at the Curran-Gardner Township Public Water District in Illinois.
A hacker apparently exploited a supervisory control and data acquisition (SCADA) system that managed the water pump and set the pump to continually turn on and off. Only after the pump failed, earlier this month, did plant operators discover that their systems had been exploited, apparently in September. The attack appeared to have been launched from a server based in Russia.
Continue reading “Can our Power Supply / Other Utility Systems be hacked?”
We are living in the digital age, where we can reap the benefits of online shopping. This boon of online shopping is exposed to tremendous risks, despite being quick and most convenient mode of purchase. The globally accepted view is that the holiday season comes ahead in advance year after year. This increase in online traffic is eagerly awaited by the hackers who are gearing up to swipe credit cards and personal information to commit fraud and identify theft. The online users are targeted and exploited by the cyber criminals by initializing online shopping scams, fraudulent emails. E-card and phishing schemes and more. There are 10 wise tips to safeguard personal information, while shopping online and to prevent threats pose by hackers.
Continue reading “Are you inclined to do online shopping?”
Typically a strong online banking authentication relies on generating a Transaction Authorisation number, sending it to the registered mobile number of the internet banking user, and the user will then have to enter the random generated authorisation code into the mobile banking site for the transaction to get authorised. Beware — danger is lurking in this scenario also.
ZITMO (Zeus-In-The-Mobile) is a trojan designed to intercept and redirect the incoming SMS including the transaction authorisation codes that come into the infectd mobiles. Another similar trojan is SPITMO (SpyEye-In-The-Mobile) with nearly the same functionality as ZITMO except for some change in how it works.
Continue reading “Internet Banking & Mobile Banking users beware – ZITMO & SPITMO is here !!”
OWASP (Open Web Application Security Project) has come up with a top 10 risks for the mobile technology. This list is in the ‘beta’ stage. The list, released on 23rd September 2011, has been under a 60 day review period and is due for a final version release any time. When released, this will be the first official version of OWASP top 10 for mobile applications. The current list of OWASP Top 10 Mobile Risks (Release candidate) is reproduced below: Continue reading “OWASP ‘Top 10 Mobile Risks’ – Part 1”