Blog Archives

Hacker leaks Bangladesh Intelligence classified Emails

Indian hacker, Godzilla once again hit Bangladesh government server. Hacker told us about his latest cyber attack on Directorate General of Forces Intelligence Bangladesh (DGFI – server . He claimed to back up all confidential mails in the server and list of all their agents around the globe.

Bangladesh Intelligence webserver compromised : ehack

Bangladesh Intelligence webserver compromised : ehack

Hacker taunt Bangladesh govt , “To all stupid Intelligence people of Bangladesh do you know what is security??, Iam really felling pitty for you.”

Through a paste note, hacker leak one sample mail (funny one), which is the conversation between Dewan Mamoon and DGFI Director. Some words from email are, “I love the CIA. I love the DGFI. I love the Bangladesh armed forces. I love America and I love Bangladesh.” and “I know that you are the ones to thank for sponsoring me in Bangladesh and the CIA for sponsoring me in America.”
Compromised Intelligence server claimed to be full of sensitive information. In past year, Godzilla had hacked many Bangladeshi and Pakistani Government and Military websites.


Original post at – thehackernews

Thanks for reading. hope it might helped you.

Child Porn on Indian Government websites

One of the ‘The Hacker News’ reader inform us today about porn content on some Indian Government websites. After analyzing such websites, we came across more than 30 sub domains belongs to ‘’ . Where ‘entegramam’ means “My village” and all sub domains of this website are names of the different cities of Kerala state.

Child Porn on Indian Governments : ehack

Child Porn on Indian Governments : ehack

The websites are in Malayalam language and most of the sites are powered by Joomla and Drupal (older vulnerable versions) with discussion forums on them. On our further analyze we found that time stamp of the Porn articles posted on forum dated back to “2012/08/30 16:00”.

That means, Government websites hosting Child Porn content from last four months and authorities or the moderators of the website are not aware about the issue. On a simple Google search, one can found all such pages : “nude” for further reports and analyzing.

Child Porn on Indian Governments : ehack

Child Porn on Indian Governments : ehack

Google also giving notification “This site may be compromised” for few websites in same search, showing that some of these websites are also compromised by hackers.What if Government websites itself serving Porn ? Child Porn is not legal in any country and shameful act. Child pornography in India is also illegal. In February 2009, the Parliament of India passed the Information Technology Bill,” banning the creation and transmission of child pornography. The bill enables India’s law enforcement agencies to take strict action against those seeking child pornography. For example, browsing for child pornography on the Internet can lead to a 5 year term of imprisonment and a 1 lakh fine“.These Forums are actually started by Kerala Government as a project to share information regarding “Education”, “Health”, “Agriculture”, “Tourist”, “Sports”, “Science” and more. We found that threads on forums are active to current dates, there should be some moderators also who look for abused or illegal content, but in this case ,Government host and forget !Government always give stats , why no reasons for Lack in Security ? Recently, Indian Computer Emergency Response Team ( Cert-In) proudly share report in media that over 14,000 websites have been hacked by cyber criminals till October this year. Even the actual number is 10 times they claimed, but the point is, why they never mention the reasons of lack in security ?

Running responsible Government websites without monitoring or moderators is not a good security practice at all. We Request authorities , if you host something – please moderate them.


Original Post at The Hacker News

Thanks for reading. hope it might helped you.

India developing own OS to boost cybersecurity

Summary: Defense Research and Development Organization is creating country’s own operating system to reduce its dependence on foreign operating systems, which it says may contain security risks.

india's OS : ehack

india’s OS : ehack

The Indian Defence Research and Development Organization (DRDO) is developing the country’s own operating system (OS) in a bid to establish a more robust cybersecurity environment.

India currently is dependent on many imported OSes based on Windows and Linux, which are likely to have malicious worms and security issues, DRDO’s Director-General VK Saraswat said at the Navigation and Communication (NAVCOM) conference, The Times of India reported Thursday. Hence, it is essential India builds its own operating system, he said.

Saraswat added the DRDO is 18 months into a programme in which 150 engineers across the country had been working on creating an Indian OS. It will take another three years before this platform will be ready, he said.

The made-in-India OS does not involve any foreign investments and is exclusively “India’s effort”, Saraswat noted. He also advised defence researchers and scientists to start working together with the industry, DRDO, and other scientific departments to drive the development of the OS, so “[India is] independent from what is coming from [the] outside world”.

This initiative is part of India’s latest efforts to beef up its cybersecurity. Earlier this week, the government unveiled a five-year plan to revamp the country’s cybersecurity posture, whereby, operations will be coordinated and connected to major critical infrastructure agencies across India, to monitor real-time information and react faster to cyberattacks.


Original Post at Zdnet

Thanks for reading. hope it might helped you.

India government unveils five-year plan to revamp cybersecurity

Summary: Operations will be coordinated and connected to major critical infrastructure agencies in the country, to monitor real-time information and react faster to cyberattacks.

Cyber Security : ehack

Cyber Security : ehack

The Indian government has set in motion a five-year project to revamp cybersecurity apparatus of critical sectors in the country to meet the growing challenge of cyberattacks.

The National Critical Information Infrastructure Protection Center (NCIIPC), the agency to coordinate cybersecurity operations for critical infrastructure across the country, has been given this responsibility, The Times of India reported on Tuesday.

The five-year plan will be prepared by the agency to revamp and integrate the cybersecurity apparatus of all critical infrastructrure such as power, transportation, water, telecommunications and defence, the agency said at a presentation.

NCIIPC also plans to set up a sectoral Computer Emergency Response Team (CERTs) that would be connected to it, and will install censors on all critical systems to provide real-time information to its command and control (C&C) center about any cyberattack to formulate a quick response.

Under a newly defined mandate, NCIIPC will look after critical sectors with high dependency on computer and information technology (IT), while other sectors will be under India’s CERT, CERT-IN.

“There are also plans to open a Cyber Security Operation Centre, a [round-the-clock] control room for real-time information and response, and a National Institute of Critical Information and Infrastructure Protection for training of chief information security officers (CISOs). We will also issue daily cyberalerts,” Muktesh Chander, NCIIPC center director said, during the presentation.

According to sources who spoke to the Indian news site, this is part of the government’s step to create awareness and ensure a robust security system in all critical government agencies. The task had also been divided into five phases, and once agencies set up their security infrastructure, it will be connected to the NCIIPC.

Shivshankar Menon, national security advisor, who also addressed the gathering, stressed on the participation of the private sector

“The NCIIPC is setting up a joint working group with representatives of industry assocations to bring out guidelines for protection of critical information infrastructure in India,” he said.

India’s critical infrastructure agencies are no stranger to cyberattacks. Just last week, a hacker group leaked Indian telco BSNL’s passwords and database, calling for the withdrawal of a controversial legislation which allegedly suppresses freedom of speech and expression. In April, Chinese hackers allegedly planted a bug via flash drives on India’s navy computers, which relayed sensitive data to China IP addresses.

Original Post at Zdnet

Thanks for reading. hope it might helped you.

%d bloggers like this: