| The Hacker News |
| The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers // via fulltextrssfeed.com |
Fear of NSA PRISM : Indian Government may ban US email services for official communication
8/30/2013 7:09:00 PM
The Indian Government is planning to ban the use of US based email services like Gmail for official communications to increase the security of confidential government information.
The recent disconcerting reports that that India was being spied upon by American intelligence agencies has opened an all new chapter in the cyber security space. As leaked by former US National Security Agency contractor Edward Snowden, that NSA involved in widespread spying and surveillance activities across the globe.
The fact that several government officers in top positions use their Gmail IDs for official communications i.e. Several senior government officials in India, including ministers of state for communications & IT Milind Deora and Kruparani Killi, have their Gmail IDs listed in government portals as their office email.
Last week, India's IT minister Kapil Sibal revealed that the new policy will enforce rules such as use of static IP addresses, virtual private networks and one-time passwords for accessing Indian government email services on all Indian officials who are stationed abroad.
"All Indian missions will use NIC servers which are directly linked to a server in India and that will keep government information safe." Sibal said.
Latest Hacking News Updates
Author details
Mohit Kumar aka 'Unix Root' is Founder and Editor-in-chief of 'The Hacker News'. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | Google | Email | Facebook Profile
Apple Mac OS X Vulnerability enables Root User to Hackers by resetting the clock
8/30/2013 6:32:00 PM
The flaw remained unmatched by Apple for the last five months, dubbed CVE-2013-1775, the flaw allowed attackers to bypass normal password authentication procedures by resetting the computer clock to January 1, 1970.
The reason that specific date is required is because it represents the beginning of time to the operating system and some applications that run on it. When the SUDO command is used in combination with a clock reset, the computer can be tracked into providing root access without a password.
Metasploit authors have come up with a brand new module that makes the bug even easier to exploit, renewing interest in the problem. The module gains a session with root permissions as long as the user ran the SUDO command before and as long as they have administrative privileges.
H.D. Moore, founder of Metasploit, warned that this was a serious vulnerability: "The bug is significant because it allows any user-level compromise to become root, which in turn exposes things like clear-text passwords from Keychain and makes it possible for the intruder to install a permanent rootkit."
In addition, the hacker needs to have either physical or remote access to the machine. Apple has yet to respond or issue a patch for the bug. As a result, all versions of the operating system from OS X 10.7 to the current 10.8.4 are affected.
Latest Hacking News Updates
Author details
Mohit Kumar aka 'Unix Root' is Founder and Editor-in-chief of 'The Hacker News'. He is a Security Researcher and Analyst, with experience in various aspects of Information Security. Other than this : He is an Internet Activist, Strong supporter of Anonymous & Wikileaks. Follow him @ Twitter | LinkedIn | Google | Email | Facebook Profile
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
0 comments:
Post a Comment