Researchers claim to be able to hijack cell-phone data connections.
In a presentation today at Black Hat Europe, a computer-security conference in Amsterdam, a group of researchers claimed to have found a way to hijack the data sent to and from mobile phones. The researchers say that the attack might be used to glean passwords or to inject malicious software onto a device.
Mobile phones are becoming ever more useful for transmitting data in addition to making voice calls, and they’re increasingly being used for sensitive activities such as online banking, as well as for searching the Internet and downloading mobile games.
The new attack relies on a protocol that allows mobile operators to give a device the proper settings for sending data via text message, according to Roberto Gassira, Cristofaro Mune, and Roberto Piccirillo, security researchers for Mobile Security Lab, a consulting firm based in Italy. By faking this type of text message, according to the protocol an attacker can create his own settings for the victim’s device. This would allow him to, for example, reroute data sent from the phone via a server that he controls. The researchers say that the technique should work on any handset that supports the protocol, as long as the attacker knows which network the victim belongs to and the network does not block this kind of message.
Some trickery is required to make the attack work, however. Ordinarily, to transfer settings to a device remotely, a mobile operator will first send a text message containing a PIN code. The operator will then send the message to reconfigure the phone. In order to install the new settings, the user must first enter the PIN.
[click to continue…]
RBI is ready to issue a new bimetallic 10 Rupee coin for circulation.
The look: The obverse side has the lion capitol with numeral 10 and year of manufacture. On reverse side, a double line cross with a dot in each pellet of cross and denomination written in Hindi and English around. This design has been prepaed by National Institute of Design, Ahmedabad with the theme of Unity in Diversity. The outer side metal is Nickel-Bronze and the inner side metal is Ferrous Steel. The weight of the coin would be 8 grams and the diameter would be 28 mm.
The coins are being minted at mainly Noida and Mumbai mint. The coins worth Rs.70 million was already stored in its stock till August 2008.
GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy and has built in support for MySQL. The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL is distributed under the GPL license.
GreenSQL-FW: 1.0.0 Released :
GreenSQL team is ready to present new version of GreenSQL. GreenSQL intercept SQL commands being sent to MySQL, checks them, and then either halts the query or passes it on to MySQL proper. Then it returns the query results to the calling application. Currently only MySQL database is supported. This release includes a new version of firewall and a management application.
This is a major application release geared towards application stability, ease of use, performance increase and elimination of bugs.
[click to continue…]
One of the ways by which a virus can infect your PC is through USB/Pen drives. Common viruses such as ’Ravmon’ , ‘New Folder.exe’, ‘Orkut is banned’ etc are spreading through USB Driver. Most anti virus programs are unable to detect them and even if they do, in most cases they are unable to delete the file, only quarantine it. Here are the things which you can do if you want to remove such viruses from your USB Drive
Whenever you plug a USB drive in your system, a window will appear similar to the one shown below
Don’t click on Ok , just choose ‘Cancel’. Open the Command Prompt by typing ‘cmd‘ in the run box. In the command prompt type the drive letter: and press enter . Now type dir /w/a and press enter.
This will display a list of the files in the pen drive. Check whether the following files are there or not
- Autorun.inf
- Ravmon.exe
- New Folder.exe
- svchost.exe
- Heap41a
- or any other exe file which may be suspicious.
[click to continue…]
