Feed Details

  • CYBER COPS India
  • Cyber Security
    • Last updated September 9, 2011
  • Source: feeds.feedburner.com


CYBER COPS India - Securing Bits and Bytes

Published: Jul 4, 2014 11:39:03 AM
"CYBER COPS India" is an initiative to help all netizens stay safer and feel more secure online in the cyberspace by providing Comprehensive Online Proactive Security with an access to global trustworthy security products / technology / solutions, for the first time, in Indian Cyberspace.
  • May 14, 2014 11:40:00 AM
    There is an important update for Bitly account users from the Bitly Team. The Bitly Team has strong reason to believe that Bitly account credentials may have been compromised; however, they have no indication at this time that the user's account has been accessed without permission.
    Whenever a service provider suspects an account compromise, it is better to take precautions. In the same manner, to play safe in cyberspace, the Bitly Team has proactively disconnected any connections one might have made with Facebook and Twitter to publish posts using bit.ly or bitly.com shortened links. One can safely reconnect these accounts at the next login.
    If a user logs in to their Bitly account and sees that their Facebook and Twitter accounts are still connected to it, then this information is important for them:
  • May 8, 2014 7:07:00 PM
    The official website of the International Council of E-Commerce Consultants, popularly known as EC-Council, has been hacked. The hacker inserted an image showing Edward Snowden's passport and left the following message on the www.ec-council.org website:

    "owned by certified unethical software security professional
    -Eugene Belford"

    The name used by the hacker, Eugene Belford, is taken from the movie Hackers (1995). The picture inserted is:

  • May 6, 2013 10:59:00 AM
    It's an attempt by Neelabh Rai to create a cyber security roadmap / strategy that can be implemented by any organization / country / corporate body. Its finer details are still in the development stage and will hopefully be completed at the earliest. The cyber security roadmap is created single-handedly by Neelabh Rai.

    Since CYBER COPS India is a knowledge-sharing platform among cyber security researchers, practitioners and experts, this document is made available as copyleft to all the esteemed readers and viewers.

    Kindly have a look at this document, titled "Cyber Security Roadmap / Strategy (draft version 1.0.0)", from here: 

  • Aug 14, 2012 5:09:00 AM
    SCADA, i.e. Supervisory Control And Data Acquisition, is a real-time industrial process control system used to centrally monitor and control remote or local industrial equipment such as motors, valves, pumps, relays etc. SCADA is used to control:

    • chemical plant processes,
    • oil and gas pipelines,
    • electrical generation and transmission equipment,
    • manufacturing facilities,
    • water purification and distribution infrastructures etc.
    On 31 July 2012, news broke of a blackout in 20 states of India due to the failure of the Northern Electricity Grid, which subsequently led to the failure of the Eastern and North Eastern Electricity Grids.
  • Apr 24, 2012 3:07:00 AM
    Someone referred me to the UNREMOTE link where an interesting article was posted about a tool named "Browser Forensic Tool (BFT)". The link is given below:


    About BFT:

    According to the link given above, BFT is software that searches all kinds of browser history (even archived) in a few seconds. It retrieves the URLs and titles of all entries matching the chosen keywords. One can use the default example profiles or create a new one for a thematic search.





    Since I had never heard of something like this, it was natural for me to take BFT for a test ride to find out whether it is worth using or not.

    Additionally, the publisher on the BrotherSoft website gives the following comment on BFT:

    You want to search very quickly in the History of all common browsers
    even archived ones by keywords list (manageable) ?

    This software is made for you, for companies, anti cyber criminal companies,
    for particular this software will simplify your life and save hours of manual researching.
    You can free download Browser Forensic Tool 1.0 now.



    Hence, I installed it in a virtual machine running Microsoft Windows 7 Professional with all the necessary security tools installed, viz. anti-virus, Intrusion Detection System (IDS), Wireshark etc.

  • Sep 27, 2011 8:04:00 AM


    Rajbala Malik
    I was watching a popular News Channel "AAJ TAK" yesterday evening at my home when a news flashed that Ms. Rajbala Malik, 51-year-old and a supporter of Swami Ramdev, lost the battle between life and death after 110 days living in ICU (Intensive Care Unit). She died due to the Lathi Charge done by Delhi Police that took place on the unfortunate night of 4 June 2011 at Ramlila Maidan. 

    Leader of the Opposition in Lok Sabha Sushma Swaraj said on Twitter as "After oscillating between life and death for 15 weeks, Rajbala died. It is a sad commentary on our police functioning... I demand that a murder case be registered against Delhi Police and the guilty must be punished".

    See this news link: http://bit.ly/aajtak-rajbala (in Hindi) OR http://bit.ly/rajbala-english (in English)

    Amarjeet Chadha was shot dead by Head Constable
    Then I switched to another news channel, where a reporter was covering the callousness shown by a Delhi Police Head Constable. A 60-year-old dry fruits trader was shot dead and a mobile phone store owner injured in the Lahori Gate area. A Head Constable of Delhi Police fired three rounds at businessman Amarjeet Singh Chaddha in an attempt to rob him of his gold chains and cash around 21:00 hours on Saturday, 27 September, 2011. Just today, a few hours ago, another report flashed on the news channel that the man who tried to save the trader, the mobile phone store owner, is also dead now, as the bullet (it too was fired by the same shooter) had pierced his neck. For more information on this news, click here: http://bit.ly/delhitraderdead


    Then I switched to the "NDTV India" news channel, which was showing another news item on the Indian Police. This time it was flashing the headline "Truck Driver refuses to pay Bribe, Beaten to Death", another report showing the insensitivity of our Indian Police. This event took place in Chandauli, Uttar Pradesh (UP). See this video link: http://bit.ly/ndtvindia-truckdriverdead

    Click here to read the news: http://bit.ly/zeenews-truckdriverdead

    All these news items are just samples of one side of the coin of the working of our Indian Police. I don't say that the Indian Police is always like this. There are many brave and honest policemen in uniform too, who are working to give society a better environment and are doing their best.

    One such person, of whose way of working and conduct I am well aware, was Dr. Ajay Kumar, IPS officer of the 1986 batch, Jamshedpur, Jharkhand. He was posted in Jamshedpur from 1994 to 1996, and this tenure is termed the golden period for this very place.

    During the 1990s Jamshedpur was ruled by local "Goons", and crime was at a peak in the city, when the chief minister of Bihar Lalu Prasad Yadav, on request of the Tata Steel MD J. J. Irani, sent Dr. Ajay Kumar, as the City SP in 1994. In a short time the SP was successful in controlling and decreasing the crime rate in Jamshedpur. 
    Read more here: http://bit.ly/ndtvindia-ajaykumar. Do see this interesting post here.

    This survey is created with the honest intention of seeing what the common man (i.e., Aam Aadmi) of India thinks and feels about the Indian Police and how much faith / trust / confidence the common man has now. With these concepts and ideas in mind, the survey was formulated and made available to the public, and it is my request to all Indians who surf the Internet to please take this survey. The survey comprises just ten (10) questions, which can be completed in 5-10 minutes. No personal information is required to submit it. The only expectation is honesty, and that the survey is taken only once. For those Indian individuals for whom privacy is important, I have already given an option just after the title of my survey, "Please record my answers anonymously". Just check it, and complete the survey!


    About Neelabh Rai, the creator of this research survey:

    If someone is interested to know about me, then feel free to contact me directly on my official email id with the subject: "Faith / Trust / Confidence of Public on Indian Police". More information related to me can be obtained in cyberspace by just entering my name "Neelabh Rai". For your ease, I am providing few website links that will allow you to know a brief about me:

    1) http://www.cybercops.in/neelabhrai.php
    2) http://bit.ly/csasinkeynote (redirected to SMi UK Website)
    3) http://www.cybercops.in/about.php
    4) http://masterofearth.info/aboutme.html
    5) https://twitter.com/cybercopsindia (Twitter ID)
    6) http://in.linkedin.com/in/neelabhrai (LinkedIn Professional Profile)
    7) http://www.cybercops.in/news.php
    8) http://cybercopsindia.blogspot.com/ (Corporate Blog)
    9) http://www.aerospace19.com/profile-382
    10) http://www.asclonline.com/blog/2009/09/01/student-of-the-month-september-2009/ (Asian School of Cyber Laws, Pune awarded Student of the Month award and published some hidden information w.r.t. me)
    11) http://en.gravatar.com/cybercopsin
    12) http://bit.ly/csasin10112011 (See the time slot of 09.50 and 11.00 ; Neelabh Rai is invited to speak and present his innovative ideas in Singapore this November, 2011)

    Since I am an 'Independent' Cyber Security Researcher who is working only on Indian Cyberspace, this survey will help me in providing the best solution for securing our economic future.

    At last, kindly help me by forwarding this very survey to all your friends, colleagues, relatives, family members... The link is: http://bit.ly/cybercopsindia-survey1


    If you have any queries, feel free to connect with me @ http://www.cybercops.in/contactme.php

    PS: Please do not change the subject line when sending any email to me. Keep the subject as "Faith / Trust / Confidence of Public on Indian Police".

    Thanks in advance for your time and efforts in helping this survey give a clearer picture!


  • Sep 24, 2011 1:21:00 PM


    SCADA vulnerabilities continue to surge as Italian security researcher Luigi Auriemma found holes in six different systems. Companies affected by the vulnerabilities range from Rockwell Automation to Beckhoff.



    The vulnerabilities found in such companies' products include:

  • Sep 21, 2011 4:00:00 PM

    Cyber crime is growing at an alarming rate, and unfortunately security experts aren't able to match its speed! Because of this, every now and then there is news of cyber crime, viz. advanced persistent threat, SCADA vulnerability found, ICS under threat, website hacked, phishing reported, XSS injection flaw discovered, identity theft, database hacked, Stuxnet etc. Nowadays there are more cases of website hacking, especially in the corporate sector. In technical terms, hacking a website isn't a big deal. But if the market scenario is considered, especially when the website is serving customers, then it is indeed a big deal!!

  • Sep 9, 2011 9:04:00 PM
    CYBER COPS India would like to protect the common man from being ransacked electronically. For this reason, CYBER COPS India has initiated an SMS-based service for registered members so that basic cyber security tips can be delivered directly to the subscribers' mobile phones. Currently this service is available only in India.

    To subscribe for SMS services of CYBER COPS India via web, click here:

    http://labs.google.co.in/smschannels/subscribe/cybercopsindia
    Or, to subscribe using your mobile phone, kindly send an SMS having the following message:

    ON cybercopsindia

    and send it to

    9870807070



    More information about SMS-based service:


    It is a Google SMS Channels service that enables channels/groups to provide services over SMS. It's a free service that enables the subscriber to get premium content published by Google publishing partners, Google popular products (Google News, Blogger and Google Groups) and websites with RSS/Atom support for free. This service is currently available to users in India and requires an Indian mobile number.

    It's a free service, hence not even a single penny needs to be spent to receive the SMS services. Generally, mobile service providers charge monthly fees as well as per-SMS subscription fees for such SMSs. To change this and provide premium features, CYBER COPS India planned to initiate the SMS-based services for those who possess Indian mobile numbers.

    If you do not wish to receive SMS, then send one of the following commands: 'dndon' OR 'donotdisturb' OR 'nodisturb' to 9870807070.

    If you want to start receiving SMS again and had previously set DND on, then send an SMS with 'dndoff' to 9870807070.

    Additionally, CYBER COPS India has also enabled the feature of sending SMS to us from your own mobile phone or via the website. However, comment moderation is switched ON, so messages are reviewed before being posted and served to the subscribers. If someone posts messages via his/her mobile phone, neither the subscribers nor the owner of the channel will ever be able to view the sender's mobile number. All mobile numbers are treated with the highest confidentiality and are not displayed to anyone. To read more about confidentiality, kindly see here:

    http://www.google.com/mobile/privacy.html

    If any subscriber has more questions regarding the services, then kindly feel free to read the FAQ (Frequently Asked Questions) here:

    http://labs.google.co.in/smschannels/help

    If you still have any queries or doubts, then feel free to contact me here:

    http://www.cybercops.in/contactme.php

    CYBER COPS India will be glad to help the subscribers/users.

  • Sep 9, 2011 3:34:00 PM
    Validy Technology (VT) is a program protection method. It uses a secure coprocessor and manipulates variables mandatory for the correct execution of the program inside this coprocessor.

    The secure coprocessor uses a silicon chip which can take several different form factors: 

    • USB key, 
    • SIM Module, 
    • MMC Card, 
    • Smart card, 
    • SMD device...
    VT is effective against software piracy as well as against software and data tampering: it not only prevents illicit program execution but can also ensure that program execution is not altered and that program data is not copied or modified, even when execution is taking place in a hostile environment.

    VT is based on a "subtractive" protection method, hiding "critical portions" of the program in the coprocessor, but instead of securely executing "Remote Procedure Calls", it secures part of the program state. In other words, it permanently keeps some of the program variables in the coprocessor, and during execution of the program the values of the variables residing in the coprocessor are modified. VT ensures secure execution of the modifications by sending encrypted instructions to the coprocessor (instructions are encrypted at compilation time). Only when absolutely necessary is the value of one of the variables residing inside the coprocessor, or even better, information derived from one or several of those variables, transmitted back to the main part of the program. VT security is based on the extreme difficulty for an attacker of regenerating correct values during those transmissions.

    For added security, the coprocessor continuously monitors the conformance of the instruction flow to what was planned at program compile time. To this end, the coprocessor architecture and instruction set are designed with the addition of special fields allowing automatic real-time monitoring of the chaining of the instructions. This security mechanism is simple to implement yet extremely powerful. If the coprocessor detects an anomaly, it can take retaliation measures forcing the program to stop: if the coprocessor stops working, part of the program state is suddenly missing and the program cannot continue working.
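
A toy model of the chaining check and the "missing state" reaction described above, added here as an illustration and not Validy's implementation. It swaps in an HMAC chain for the encrypted instructions and special chaining fields; the opcodes, key, program and all function names are constructed for the example.

```python
import hashlib
import hmac
import struct

# Everything below is constructed for illustration: toy opcodes, key and program.
OPS = {"SET": 0, "ADD": 1, "XOR": 2}
MASK = 0xFFFFFFFFFFFFFFFF
GENESIS = b"\x00" * 32          # chain start value known to compiler and coprocessor
KEY = b"constructed-demo-key"   # assumption: in a real design this stays inside the chip
PROGRAM = [("SET", 0, 10), ("ADD", 0, 5), ("XOR", 0, 3), ("ADD", 0, 1)]


class CoprocessorHalted(Exception):
    """Raised once the coprocessor has detected an anomaly and dropped its state."""


def encode(op, var, operand):
    # Fixed-width encoding: opcode, variable index, 64-bit operand.
    return struct.pack(">BBQ", OPS[op], var, operand & MASK)


def seal_program(key, instructions):
    """'Compile time': tag each instruction over its body and the previous tag."""
    sealed, prev = [], GENESIS
    for op, var, operand in instructions:
        body = encode(op, var, operand)
        tag = hmac.new(key, prev + body, hashlib.sha256).digest()
        sealed.append((body, tag))
        prev = tag
    return sealed


class ToyCoprocessor:
    """Holds part of the program state and checks the chaining of instructions."""

    def __init__(self, key, n_vars=4):
        self._key = key
        self._vars = [0] * n_vars
        self._prev = GENESIS
        self.halted = False

    def execute(self, body, tag):
        if self.halted:
            raise CoprocessorHalted("state already discarded")
        expected = hmac.new(self._key, self._prev + body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            # Anomaly: drop the variables so the host program cannot continue.
            self._vars = None
            self.halted = True
            raise CoprocessorHalted("instruction chain broken")
        opcode, var, operand = struct.unpack(">BBQ", body)
        if opcode == OPS["SET"]:
            self._vars[var] = operand
        elif opcode == OPS["ADD"]:
            self._vars[var] = (self._vars[var] + operand) & MASK
        elif opcode == OPS["XOR"]:
            self._vars[var] ^= operand
        self._prev = tag

    def read(self, var):
        # Values leave the coprocessor only on request, and never after a halt.
        if self.halted:
            raise CoprocessorHalted("state already discarded")
        return self._vars[var]


def run(key, sealed, result_var=0):
    """Host side: feed sealed instructions, then fetch one variable (None if halted)."""
    cop = ToyCoprocessor(key)
    try:
        for body, tag in sealed:
            cop.execute(body, tag)
        return cop.read(result_var)
    except CoprocessorHalted:
        return None


def demo():
    sealed = seal_program(KEY, PROGRAM)
    patched = (encode("ADD", 0, 500), sealed[1][1])  # new operand, old tag
    return {
        "intact": run(KEY, sealed),
        "instruction_removed": run(KEY, sealed[:1] + sealed[2:]),
        "reordered": run(KEY, [sealed[0], sealed[2], sealed[1], sealed[3]]),
        "operand_patched": run(KEY, [sealed[0], patched] + sealed[2:]),
        "replayed": run(KEY, sealed + [sealed[1]]),
    }


if __name__ == "__main__":
    for case, value in demo().items():
        print(f"{case}: {value}")
```

Only the intact stream yields a value; removing, reordering, patching or replaying a single instruction leaves the host with no state to read.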


    With the execution of a few coprocessor "XOR" instructions or with the execution of a specially designed coprocessor "MutualCheck" instruction, this security mechanism is simply extended to mutually protect several different computations executed inside the coprocessor, i.e. if one computation is modified or suppressed, another one will fail. Mutual protection, in turn, greatly enhances VT protection abilities:



    • Mutual protection prevents an attacker from using a "divide and conquer" approach to gradually remove protections.
    • Mutual protection allows the coprocessor to verify program integrity during execution by executing integrity checks that cannot be removed. One very effective such check is to verify that the calling graph of the program is not modified.
    • Mutual protection allows a background thread to protect real time threads.
    • Mutual protection allows protected programs to mutually protect the others. For instance, to attack a client program, one must also attack the server program.
    • Mutual protection allows data protection by permitting effective generation/check of data authentication information or by permitting effective encryption/decryption of data.

    VT rests on well-known computer science principles. Its implementation doesn't present major stumbling blocks and doesn't require secret know-how. VT doesn't require a secure machine to execute but just a secure coprocessor. It can work with any operating system or even with embedded systems.

    Protection of a program must be done by the software publisher creating or maintaining the program. During the protection of a program, most of the protection work is automatic because moving variables to the coprocessor and modifying them there is a classical compilation problem similar to the use of an arithmetic coprocessor. Most of the program integrity verification (for instance verifying the chaining of the instructions or protecting the calling graph) can also be automated with a compiler.

    Several manufacturers already build secure microcontrollers that can be used for VT. Those components are generally designed for banking cards applications; they have a low price tag and a high security level. With an appropriate program runtime and microcontroller firmware, the microcontroller can be seen by the program as a "loosely coupled" coprocessor, plugged for instance on the USB bus, without requiring any hardware change to the machine.

    Despite the loose coupling between the main processor and the coprocessor, the execution inside the coprocessor takes place concurrently with the execution of the main part of the program and the program slowdown is minimal.

    We have gone the whole way, from inventing the concepts, protecting the intellectual property, implementing a USB coprocessor and the associated runtime for Windows, and implementing two compilers (one for Java and one for .NET), to finally demonstrating that protected programs run with acceptable performance. We now intend to grant licenses to interested parties. If anyone is interested in the Validy Technology, then feel free to contact us. CYBER COPS India will be happy to provide expert services with the original inventors and the patent holders - Validy Net Inc. 






  • Aug 1, 2011 7:39:00 AM
    Botnet is a network of private computers infected with malicious software and controlled as a group without the owners' knowledge, e.g. to send spam messages or to carry out Distributed Denial of Service (DDoS) attacks.


    According to Digital Activism, a botnet is a network of automated software controlled and manipulated by a third party, that is, neither the owner of the machine running the bot nor the target of the attack. A botnet can refer to a legitimate group of computers that share program processing. However, the term generally refers to computers running malicious software that was downloaded without the consent of the computer’s owner and is used to make attacks against other systems.



    Botnet = Robot + Network


    Symantec's MessageLabs Intelligence (MLI) regularly reviews global botnet activity to identify and characterize the top spam-sending botnets. As part of this analysis, MLI also collects the IP addresses of computers under the control of each botnet as they are used to send spam. Using all available data, MLI has plotted the geographical locations of the individual bots that make up the major botnets.

    This map shows these locations, aggregated to a grid of one degree latitude by one degree longitude; the darker red the dot, the more bots are active from that location. The top locations are identified as follows: 

    • a black outline indicates the locations of the top 10 most active bots; 
    • a gold outline indicates locations where the top 11-50 most active bots are found. 
    • The percentage of spam sent from each group is also highlighted on the chart.





    Reference: Symantec Cloud
    URL: http://www.symanteccloud.com/globalthreats
  • Aug 1, 2011 6:52:00 AM

    Stuxnet is a computer worm discovered in July 2010. It targets Siemens industrial software and equipment running on Microsoft Windows. While it is not the first time that crackers have targeted industrial systems, it is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit.
  • Jul 29, 2011 5:10:00 PM
    Malware and malicious software have been around for years. Malware networks don’t traditionally come with names, as one might expect, but the security industry has now been tracking the biggest malware offenders for long enough that it has been able to identify trends. Traditionally, malware has been identified by particular attacks (and named accordingly), but the reality is that some networks have grown so large that they have their hands in many different scams at once. And they need names, because these networks are fast, and they’re slippery. The average number of unique host names per day for the top 10 malware delivery networks is 4,107, and an average of over 40,000 users make unwitting requests to malware networks each day. 

    Read on to get an idea of the size, shape and growing threat of larger malware networks, their points of entry and a list of prevention techniques. This was created by Blue Coat's senior malware researcher Chris Larsen, who pulled data from the company's Mid-Year Security Report, 2011.


  • Mar 29, 2011 9:00:00 PM
    The security of software used to control hardware at nuclear plants, gas refineries and other industrial settings is coming under renewed scrutiny as researchers released attack code exploiting dozens of serious vulnerabilities in widely used programs.

    The flaws, which reside in programs sold by Siemens, Iconics, 7-Technologies, Datac, and Control Microsystems, in many cases make it possible for attackers to remotely execute code when the so-called supervisory control and data acquisition software is installed on machines connected to the internet. Attack code was released by researchers from two separate security camps over the past week.

    “SCADA is a critical field but nobody really cares about it,” Luigi Auriemma, one of the researchers, wrote in an email sent to The Register. “That's also the reason why I have preferred to release these vulnerabilities under the full-disclosure philosophy.”

    The vulnerability dump includes proof-of-concept code for at least 34 vulnerabilities in widely used SCADA programs sold by four different vendors. Auriemma said the majority of the bugs allow code execution, while others allow attackers to access sensitive data stored in configuration files and one makes it possible to disrupt equipment that uses the software. He included a complete rundown of the vulnerabilities and their corresponding PoC code in a post published on Monday to the Bugtraq mail list: http://seclists.org/bugtraq/2011/Mar/187

    It came six days after a Moscow-based security firm called Gleg announced the availability of Agora SCADA+, which attempts to collect virtually all known SCADA vulnerabilities into a single exploit pack: http://gleg.net/agora_scada.shtml 


    The 22 modules include exploits for 11 zero-day vulnerabilities, said the company's Yuriy Gurkin in an email. It's not clear how much the package costs.

    Gurkin said Gleg's website has come under sustained web attacks shortly after releasing the SCADA exploit pack: http://gleg.net/

    “We have tried to switch to ddoshostingsolutions.com provider but in just 3 days were out of 500 GB traffic limit,” he said. “Currently trying to solve this.”

    The vulnerability of SCADA systems had long been theorized, but it wasn't until last year that the world got an object lesson on just how susceptible they could be to attack. In July, researchers reported the discovery of a computer worm that attacked SCADA software sold by Siemens: http://scforum.info/index.php/topic,4365.0.html


    Research later showed that the underlying Stuxnet exploit amounted to a “search-and-destroy weapon” built to take out Iran's Bushehr nuclear reactor.

    SCADA software often runs on extremely old systems that are difficult to replace without causing disruptions to critical equipment. As a result, installing patches and upgrades is frequently avoided despite the obvious security benefits.



    To view all the SCADA Vulnerabilities, click here: http://aluigi.org/adv.htm






    Ref: http://scforum.info/index.php/topic,5772.0.html
  • Mar 21, 2011 8:27:00 AM

    Everything has been said on the Stuxnet worm? Not quite. 
    Someday a “James Bond” or “Mission impossible” film
    might be based on this case. 
    Should we stop here? Clearly not! 
    Such an attack asks numerous questions and must challenge certitudes.
    We might have to rethink our security paradigms.

    Report compiled by Dominique Ciupa.

    Validy: a Paradigm Switch to Ensure Code Integrity

    During the Forum International de la Cybercriminalité, in late March 2010, Mag Securs met with Validy. We already knew this company and had looked at their technology in 2005. Our discussions in May and June touched on the possibility of ensuring executable code integrity.
    Mag-Securs No.29, 2011 - Validy: Learning from the Stuxnet Case
    Uploaded by Neelabh Rai.

    PS:

    In Validy Technology, Verification is part of the system - a self signature without a certification authority.
  • Mar 14, 2011 2:41:00 AM
    As vehicles are increasingly computerized, researchers and industry officials consider it inevitable that cars will face the same vulnerabilities as PCs. Internal computer networks monitor and control everything from brakes, engines and transmissions to air bags and keyless-entry functions. Wireless connections, meanwhile, are becoming more common in reporting a vehicle's position or providing information about the car's functions. Some auto companies are creating applications to allow users to control some features in their car with their smart phone.


    On 10 March 2011, there was a news update that "Researchers had found that Cars can be hacked and remotely controlled".
  • Aug 19, 2008 1:58:00 PM
