Google accused of abusing dominance in India

The Competition Commission of India (CCI) has received queries from business giants such as Flipkart, Facebook, Nokia's maps division and several other companies alleging that US Internet giant Google abused its dominant market position in procuring search results.

The CCI director-general last week filed a report that accuses Google of abusing its dominant position to rig search outcomes, which include actual search results as well as sponsored links, as seen in the responses from 30 businesses spanning search, social networks, ecommerce, travel and content sites. This marks the first case globally where an antitrust body is formally raising such charges against Google.

The case was first initiated when Bharat Matrimony and a Jaipur-based not-for-profit, Consumer Unity and Trust Society, lodged their complaints against the search giant. The Economic Times has highlighted Microsoft's extensive submission on Google's alleged abuse of dominance. Others who responded to the CCI include Hungama Digital and GroupM.

The company has been asked to present itself before a seven-member committee headed by chairman Ashok Chawla; a week prior to that, it has to submit a report containing its findings regarding the complaints. The proceedings can go on for several hearings before the commission makes a decision, which can be challenged in the Supreme Court. If the commission finds Google guilty, it can ask the company to make changes in the way it does business.

There is a possibility that the CCI might impose a fine of up to 10% of Google's income. The CCI could also pursue action against top Google executives. Google posted a net income of more than $14 billion on revenue of $66 billion in 2014.

"We're currently reviewing this report from the CCI's ongoing investigation," a Google spokesman said in an email to ET. "We continue to work closely with the CCI and remain confident that we comply fully with India's competition laws. Regulators and courts around the world, including in the US, Germany, Taiwan, Egypt and Brazil, have looked into and found no concerns on many of the issues raised in this report."

The report finds that the prominence of a search result depends on a quality score. The score itself, says the report, is calculated ambiguously. It highlights that Google modifies its search algorithms without informing users, and that these modifications result in dramatic changes. It cites the example of a UK website, Ciao!, which slipped overnight from one of the top results to the second page of search results. As a result, the organisation lost substantial business. "As a result of Google policy, it is unavoidable for the trademark owners to participate and outbid third parties in the auction process for their ads to appear above others in response to search queries on their own trademark keywords," said the report.

Graham Central Station compromised with Employees' personal documents

4 Investigates found that a pile of records had wound up in three giant dumpsters at Graham Central Station in Albuquerque. The records include social security numbers, dates of birth and driver’s license numbers.

According to the tipster, “Driving down the alley, I noticed all the trash cans were full of boxes with what looked like files kind of spilling out the top of them.”

The 4 Investigates team collected the records and attempted to contact every one of the former employees listed. It is not certain whether the records had already been compromised, but the investigative team alerted everyone about the possible risk.

The blame game has started. Graham Central Station’s Texas-based president, Roger Gearhart, refused to answer questions, but sent a statement through his attorney: "Graham Central Station was upset to learn that its landlord... recently discarded dozens of its personnel files into a public dumpster. Ross Plaza One evicted Graham Central Station from its building and offices in November 2014 and changed the locks, which prevented Graham Central Station from accessing its records for a period of months. Although Ross Plaza One assured Graham Central Station that its records would be destroyed, that apparently did not happen."

However, emails from the landlord’s attorney offer a different perspective. The final letter from the landlord to Graham Central Station, which went unanswered, was: “I would like to confirm that Graham is aware that we intend to destroy and dispose of all the boxes…”

Those who worked at Graham Central Station need not worry, as their records are now in safe hands.

Graham Central Station was famous for having more than one club under one roof, but after eleven years in business, the club was closed down.

SEBI comes up with cyber security policy for stock exchanges, depositories and clearing corporations

The Securities and Exchange Board of India (SEBI), which was established in 1988 to regulate the securities market in India, has asked stock exchanges, depositories and clearing corporations to put in place a system that would protect systems, networks and databases from cyber attacks and improve their resilience.

According to a report published on LiveMint, the SEBI said these Market Infrastructure Institutions (MIIs) need to have a robust cyber security framework to provide essential facilities and perform systemically critical functions of trading, clearing and settlement in the securities market.

“As part of the operational risk management framework to manage risk to systems, networks and databases from cyber attacks and threats, the MII should formulate a comprehensive cyber security and cyber resilience policy document to put in place such a framework,” the SEBI said.

The SEBI has also reportedly asked the MIIs to grant access only when necessary, so that no one has any intrinsic right to access confidential data, applications, system resources or facilities.

The SEBI has also asked them to deploy additional controls and security measures to supervise staff with elevated system access entitlements.

According to the news report, the SEBI Chairman UK Sinha said that attackers are attacking in a more sophisticated manner.  

“We are worried over state-sponsored cyber attacks. There are worries that the vulnerability in markets are increasing. We need to create a framework for future plan of action on securities market resilience,” he added.

The exchanges and other MIIs would also have to submit quarterly reports to the SEBI, containing information on cyber attacks and threats experienced by them and measures taken to mitigate vulnerabilities, threats and attacks, including information on bugs, vulnerabilities and threats that may be useful for other MIIs.

Along with this, the MIIs have to share the useful details among themselves in a masked and anonymous manner using a mechanism to be specified by the regulator from time to time, to identify critical assets based on their sensitivity and criticality for business operations, services and data management.

Likewise, each MII should maintain an up-to-date inventory of its hardware and systems, software and information assets (internal and external), details of its network resources, connections to its network and data flows.

The SEBI asked market stakeholders to establish baseline standards to facilitate consistent application of security configurations to operating systems, databases, network devices and enterprise mobile devices within the IT environment, and also to restrict physical access to the critical systems to a minimum.

CSPF comes up with ModSecurity rules to protect servers from hackers

Cyber Security and Privacy Foundation (CSPF), a non-profit organisation which provides solutions to tackle cyber security and privacy issues, has developed a set of rules to protect servers from malicious hackers.

It has come up with ModSecurity rules for the public, wrote Manish Tanwar and Suriya Prakash of CSPF.

Although the OWASP Core Rule Set (CRS), a project which aims to provide an easily pluggable set of generic attack detection rules that give a base level of protection for any web application, addresses several kinds of vulnerabilities, it has failed to protect against backdoor attacks and the latest bypasses.

So, CSPF's rules are aimed at protecting against the latest bypasses and backdoors. It is all set to release the rules to the public.

According to the organization, these can be easily expanded.

Here are the functions of the rules:

- The rules can block sensitive files and folders from being accessed.
- The rules can block b374k shell variants along with some other popular shells.
- The rules also disable directory listing and phpinfo.
- The rules block SQL Injection:
  1. Normal SQL Injection
  2. Blind and Time Based SQL Injection
  3. All types of SQLI

You can get the rules and procedure to use them from here:

Cisco fixes remote code flaw in its UCS Central software

Cisco Systems Inc, an American multinational networking giant, has released an advisory to address a remote code execution vulnerability in its Unified Computing System (UCS) Central software, which integrates processing, networking and storage into one system.

The company said that the vulnerability could be exploited by remote attackers to execute arbitrary commands on affected systems.

“Successful exploitation of the vulnerability may permit unauthenticated access to sensitive information, allow arbitrary command execution on the Cisco UCS Central operating system or impact the availability of the affected device,” Cisco wrote in its advisory on May 6.

“An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device,” said the advisory. “An exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user.”

According to the advisory, the vulnerability was caused by improper input validation (CVE-2015-0701), which allows an unauthenticated remote attacker to execute arbitrary commands on the underlying operating system with root privileges.

The software failed to validate user input in its web framework, exposing the platform to remote attack in versions 1.2.

The company added that it is not aware of any public exploits, as it has not found any evidence of them.

The advisory said that users can fix the vulnerability by installing the software update provided by Cisco.

The company has urged its users to update to UCS Central software version 1.3. It has assigned the vulnerability its highest severity score of 10.

Earlier, Cisco released security updates for several of its products, such as the Cisco Adaptive Security Appliance (ASA), Cisco Small Business SPA300 and SPA500 series IP phones, and IOS software.

Google launches 'Password Alert' to protect its users from phishing attacks

Google on April 29 launched a new extension, ‘Password Alert’, which warns people whenever they type in their Google password on any site that is not a Google sign-in page.

Drew Hintz, security engineer, and Justin Kosslyn of Google Ideas posted on Google’s Online Security Blog that Password Alert, which is now available on the Chrome Web Store, is aimed at preventing phishing attacks. It also aims to minimize overuse of the Google password.

They wrote that it is designed to alert people when they use their Google password on sites which are not operated by Google.

According to them, if anyone enters his/her password on a website that imitates a Google page and aims to get personal details, he/she will receive a warning. This also gives people time to change their password before it gets misused.

It works by checking the HTML of the page to identify whether it’s a legitimate Google sign-in page or not.

According to Google, this kind of password theft is known as “phishing”, and it represents two percent of all Gmail messages.

The new tool is intended as an additional security measure for Google’s users. Password Alert sits among a number of tools which are aimed at safeguarding user accounts. Other methods include two-step authentication and security keys.

AT & T fined $25 million over customer data thefts


The Federal Communications Commission (FCC) has fined AT&T Inc $25 million over data breaches at call centers in Mexico, Colombia and the Philippines. The FCC said that at least two employees confessed to stealing private information belonging to thousands of US customers, which included their names, full and partial social security numbers and account-related data, known as customer proprietary network information (CPNI).

According to a senior FCC official, the details of about 280,000 people were taken during the data breaches. This series of data thefts took place in 2013 and 2014. The data was used by call center employees to request handset-unlock codes for AT&T phones and shared with third parties involved in trafficking stolen cell phones.

After this incident, AT&T informed all the affected customers, and it has also terminated its business deals with the companies that operated the call centers where the data was stolen.

The company also said that it has changed its policies and strengthened operations to ensure that a similar data breach doesn’t occur.

The FCC began its investigation in Mexico last May, after it was given information about data going missing.

The $25 million fine is the highest that the FCC has ever issued for data security and privacy violations.  

Minnesota family discovers breach of their nanny cam stream

An unnamed family living in Rochester, Minnesota discovered that the nanny cam they were using to keep an eye on their baby had been hacked, and the footage was being streamed online to a private channel. The incident was brought to light by KTTC, NBC's local network.

The family said that they kept noticing random things happening in their child's room. The parents could hear music coming from the camera, but as soon as they stepped into the room, the sound would stop.

After investigating the matter, the family found a URL associated with the IP address of the device. Upon following the URL, the family discovered a website displaying feeds from various hacked nanny cams. The hackers are not only able to see the feeds, but can also physically control the device.

This is not the first time that a vulnerability has been found in Foscam's system. The company has its set of guidelines for implementing security measures and asks users to change the default password.

Fake Kaspersky Antivirus app found on Google Play, Windows Phone Store

While Google Play Store is able to prevent malicious applications from being uploaded to the market,  Google still fails to prevent cyber criminals from uploading fake apps.

Last month, Android Police discovered a fake antivirus app on Google Play going by the name of 'Virus Shield', which fooled thousands of users into buying it.

The story of fake antivirus apps doesn't stop there. Today, experts at Kaspersky have discovered one more fake antivirus app, going by the name of 'Kaspersky Anti-virus 2014', on Google Play.

The fake version of Kaspersky was being sold for $4 and does nothing other than display the Kaspersky logo.

Researchers also discovered that a few fake apps were being sold in the Windows Phone Store. Some of them are 'Mozilla Mobile', 'Kaspersky Mobile', 'Avira Antivir' and the 'Virus Shield' apps.

The fake version of the Kaspersky antivirus app for Windows Phone pretends to be scanning your device but does nothing.

A few weeks back, when I was searching for the TrueCaller app for my Windows phone, I also came across a fake paid version of TrueCaller and other apps. After I reported them to Microsoft, they removed those apps from the store.

Just now, I also found a fake version of COMODO Antivirus for Windows Phone, which is being sold for $1.49. This fake app was uploaded by cheedella suresh (the name appears to be a South Indian name).

As you can see, the developer has also uploaded a few other fake apps to the Windows Phone store. These apps have been uploaded in recent months (April-May).

Emails promising CNN article about HeartBleed vulnerability lead to spam sites

Cyber Criminals often take advantage of hottest topics and latest events to entice users into visiting spam websites. The HeartBleed bug, which has made headlines over the past few weeks, is no exception.

Now, spammers are sending out emails with the subject "HeartBleed Bug warning". The spam campaign was discovered by security researchers at TrendMicro.

"I Just want to let you know there is a big security concern now in the internet. The Internet bug called Heartbleed Bug, was recently discovered by experts. So if were you, you need to change your internet passwords specially your banking passwords," the spam email reads.

"Check for this report in CNN. Report from CNN[LINK]"

If the link provided in the email led to the actual CNN report, the email might have been considered a cyber security awareness email. But the link leads to some malicious webpage.

One good thing the spammers did is notify users about the HeartBleed vulnerability and suggest that recipients change their passwords.  If the link provided in the email.

Cyber Defence Course Level 1 in Anna University, Chennai

Most of us, from beginners to advanced users, use mobile phones, laptops or desktops. We don’t know how to secure our machines and phones from hackers, viruses and spies who want to get our information. Here is a short course on securing your computers, mobile phones and laptops from the most advanced cyber espionage guys.

Who should learn this:

a. Corporate users – Marketing, sales, CEO, CFO’s who are targeted by corporate espionage

b. Women & Children who want to secure their phones, emails, social media.

c. Lawyers, Doctors who may be targeted to get information on their clientele.

d. Common Man – Anyone who uses computers from young to old for securing their own machines/laptops to protect their loved ones.

e. College Students



  • Security in general.
  • Online security and safe browsing practices.
  • Using live CD for banking.
  • Social Media privacy settings (FB, Twitter, Gmail , 2 factor auth)
  • What can malware do ?
  • Firewall.
  • Check for malware without AV (find undetectable virus).
  • Removing malware manually.
  • Checking USB for malware also disabling autorun.inf type virus.
  • Anti Keylogger.
  • Sandbox.
  • Recover Files.
  • Secure Wipe Files.
  • Encrypt files.
  • Encrypted Email
  • Encrypted Chat


Secure Chat, Phone, Messaging on windows, android & others.


Cyber Security & Privacy Foundation will give certificate.

Register here

Anna University, Chennai

Canadian Spy agency with help of NSA tracked passengers who used free airport WiFi

Here is another example of why public WiFi networks pose a potential risk to your data.

A report from CBC News, based on a newly leaked secret document from former U.S. security contractor Edward Snowden, reveals that a Canadian spy agency was spying on passengers who used the free WiFi service in airports.

The Communications Security Establishment Canada (CSEC) is prohibited from spying on Canadians without a warrant. However, it has collected metadata about all travelers passing through the airport, including Canadians.

The document presented to the CBC shows that the information captured from travelers' devices then helped the spy agency track them for a week or more as their wireless devices connected to other Wi-Fi hot spots in locations around Canada and even at US airports.

According to CBC, the leaked document suggests that the operation was a trial run of new software developed by CSEC with the help of the US National Security Agency (NSA).

The two largest Canadian airports, Toronto and Vancouver, and Boingo, the largest independent WiFi services supplier at other airports, have denied any involvement in providing information on WiFi users.

Hackers reportedly used stolen vendor credentials for hacking Target system

Target Corporation told the Wall Street Journal that the massive data breach it suffered last month happened after cyber criminals compromised credentials from a vendor and used them to hack into the Target system.

The company didn't provide much information. It didn't say how the hackers stole the credentials. It also didn't specify which portal the hackers logged into.

Cyber security blogger Brian Krebs, who brought the Target breach to light, said in his blog that the malware used in the breach had used the username 'Best1_user' and password 'BackupU$r' to access the shared drive. Krebs highlighted the fact that the username is the same as the default password used in IT management software developed by BMC Software.

"According to BMC’s documentation, this account is normally restricted, but the attackers may have usurped control to facilitate lateral movement within the network," said a Dell SecureWorks report pointed out by Krebs.

The report also revealed that a malware component installed a service called "BladeLogic", which appeared to be mimicking the name of another BMC product.

A trusted source told Krebs that BMC's software is used by many major retailers. He believes Target also uses it.

Krebs also confirmed that cyber criminals known as Rescator are selling millions of cards stolen in the Target data breach.

Chinese hackers compromised European Ministries' computers before G20 summit

Network security company FireEye found that Chinese hackers compromised computers of 5 European foreign ministries before the G20 Summit last September, reports Reuters.

The cyber attack was carried out by sending spam email containing a malicious file entitled "US_military_options_in_Syria". Once the recipient opened the file, it infected their computer.

The company said it was monitoring the main command and control (C&C) server used by the hackers in late August. However, the researchers lost access after the hackers moved to another server before the G20 summit began.

FireEye believes the hackers were preparing the attack to steal data from the compromised computers.

Based on the evidence, especially the language used on the hackers' server and the computers used for testing the malware, the researchers came to the conclusion that the attack is from China.

Scientists developed Malware capable of sending data using Mic and Speakers

How can malware steal data from an infected system that doesn't have an internet connection? You might think it is impossible. Computer scientists say it is possible.

German researchers at the Fraunhofer Institute for Communication, Information Processing, and Ergonomics say that malware can transmit data using inaudible sounds.

It can steal confidential data or keystrokes using nothing more than normal speakers and microphones, without any internet connection.

Security researchers often suggest not connecting a system that holds sensitive data to the Internet, so that cyber criminals can't reach it. But now, malware can steal data over audio without a network connection. So what now?! Then, let us remove the audio devices.

The researchers say it can be prevented by switching off audio I/O devices. Sometimes, we might need audio devices. In that case, the inaudible communication can be prevented "by application of a software-defined lowpass filter".

The researchers have described their idea in their paper entitled "On Covert Acoustical Mesh Networks in Air". You can find the research paper here.
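The low-pass mitigation quoted above, sketched as an added example (not code from the paper or from the original post): a windowed-sinc FIR filter in pure Python that strips a near-ultrasonic tone while leaving audible audio intact. The 48 kHz sample rate, the 15 kHz cutoff and the 1 kHz / 19 kHz test tones are assumptions chosen for illustration; the page gives no frequencies.

```python
import math

SAMPLE_RATE = 48_000   # Hz; assumed sound-card rate (the page states none)
CUTOFF_HZ = 15_000     # assumed cutoff: keeps speech and most music
NUM_TAPS = 101         # odd tap count gives a symmetric, linear-phase FIR
VOICE_HZ = 1_000       # constructed stand-in for legitimate audio
CARRIER_HZ = 19_000    # constructed stand-in for an inaudible carrier


def design_lowpass(cutoff_hz=CUTOFF_HZ, sample_rate=SAMPLE_RATE, num_taps=NUM_TAPS):
    """Windowed-sinc (Hamming) low-pass taps, normalised to unity gain at DC."""
    fc = cutoff_hz / sample_rate            # cutoff in cycles per sample
    mid = (num_taps - 1) / 2
    taps = []
    for n in range(num_taps):
        k = n - mid
        ideal = 2 * fc if k == 0 else math.sin(2 * math.pi * fc * k) / (math.pi * k)
        window = 0.54 - 0.46 * math.cos(2 * math.pi * n / (num_taps - 1))
        taps.append(ideal * window)
    gain = sum(taps)
    return [t / gain for t in taps]


def fir_filter(samples, taps):
    """Direct-form convolution; samples before the start are treated as zero."""
    out = []
    for i in range(len(samples)):
        acc = 0.0
        for j, tap in enumerate(taps):
            if i - j < 0:
                break
            acc += tap * samples[i - j]
        out.append(acc)
    return out


def tone_amplitude(samples, freq_hz, sample_rate=SAMPLE_RATE):
    """Amplitude of one frequency, by correlating with a sine/cosine pair."""
    w = 2 * math.pi * freq_hz / sample_rate
    re = sum(s * math.cos(w * i) for i, s in enumerate(samples))
    im = sum(s * math.sin(w * i) for i, s in enumerate(samples))
    return 2 * math.hypot(re, im) / len(samples)


def make_test_signal(num_samples):
    """Constructed input: audible tone plus near-ultrasonic tone, 0.5 each."""
    return [
        0.5 * math.sin(2 * math.pi * VOICE_HZ * i / SAMPLE_RATE)
        + 0.5 * math.sin(2 * math.pi * CARRIER_HZ * i / SAMPLE_RATE)
        for i in range(num_samples)
    ]


def run_demo():
    """Filter the constructed signal and report tone amplitudes before/after."""
    taps = design_lowpass()
    window = SAMPLE_RATE // 10              # 0.1 s: whole cycles of both tones
    raw = make_test_signal(window + NUM_TAPS - 1)
    filtered = fir_filter(raw, taps)
    # Drop the first NUM_TAPS - 1 samples, where the filter is still filling.
    raw_w, out_w = raw[NUM_TAPS - 1:], filtered[NUM_TAPS - 1:]
    return {
        "voice_before": tone_amplitude(raw_w, VOICE_HZ),
        "voice_after": tone_amplitude(out_w, VOICE_HZ),
        "carrier_before": tone_amplitude(raw_w, CARRIER_HZ),
        "carrier_after": tone_amplitude(out_w, CARRIER_HZ),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name:15s} {value:.5f}")
```

The filter only helps if it sits in the audio path of both playback and capture, so that neither the speaker nor the microphone passes the high band.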

(h/t: Ars Technica)

UW Medicine's Computer infected with Malware, 90k patients data accessed

The University of Washington School of Medicine reports that one of its computers, which had patient data stored on it, was infected with malware.

The malware made its way into the infected system when an employee opened an email attachment that contained malicious software.

After an internal investigation, they found that the patients' data was not targeted. However, the malware managed to access files containing data of approximately 90k UW Medicine and Harborview Medical Center patients.

The accessed data includes names, Social Security Numbers, phone numbers, addresses, medical record numbers and a few other details, according to their press release.

UW Medicine officials have started notifying patients about the incident. The incident has also been reported to the FBI.

It is always good to create cyber security awareness among employees who take care of systems that have both internet access and sensitive data.

Break The Security - Hands on Ethical Hacking and Cyber Security Training for Corporate

Cyber Security & Privacy Foundation is proud to announce the Corporate training in Chennai. The attendees will be trained by four security researchers on various cyber security topics.

The training starts with an introduction to the information security field and the various classes of hackers. It will be hands-on training: we will demonstrate the usage of various security tools and will help the attendees to use them.

The course covers various toolkits including TamperData, Hackbar, Maltego, FOCA, the Live HTTP Headers plugin and more.

We also give training on advanced tools for vulnerability assessment and penetration testing, which include Metasploit, Nmap, Nessus, sqlmap, and more.

Attendees are requested to bring their own laptops with an isolated environment such as VMware/VirtualBox installed, to gain hands-on exposure.


Computer Society Of India Head Quarters,
Educational Directorate- Taramani,
Chennai, Tamil Nadu


The Corporate Training tickets would cost Rs. 2000/- per person.

Lunch and Tea/Snacks will be provided at the venue.

Registration Link:–ethical-hacking-hands-on-for-corporate

For more details , visit :

Using Internet ?! Then, Don't expect Privacy , #PRISM is here !

Yes, if you are using the Internet, then forget about privacy. A recent report from the Guardian is another example confirming that privacy on the internet is an illusion. The whistleblower Edward Snowden has leaked a few files that confirm Microsoft's collaboration with the U.S. authorities.

According to the Guardian report, Microsoft helped the NSA and FBI to access the unencrypted messages sent over Outlook web chat, Hotmail services and Skype.

Microsoft also helped the authorities to access its cloud storage service SkyDrive. Skype video and audio calls were also reportedly being collected through PRISM.

"Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in that allows users to create email aliases;" The report reads.

Secure Gmail Chrome extension to encrypt Gmail Messages

Are you worried about privacy and PRISM? Would you like to add a little security to your confidential mails? Then here is a small solution for you. SecureGmail is a Google Chrome extension that allows you to encrypt your Gmail messages before sending.

Once you have installed the extension, you can see a lock icon next to the Compose button in your Gmail. Just click the icon to send a secure mail. Once you have clicked the icon, you will get a normal Gmail "compose" interface with the title "Secured".

In Secure mode, Gmail can't track what you are typing and won't be able to save the message as a draft.

Click the "Send Encrypted" button, and you will be asked to enter a password. A long and strong password is best, and don't enter any hints.

The best part is that the encryption is done on your local machine, so Google won't be able to read the plain-text message.

The recipients will be able to decrypt the message only if they have the password, which you can pass on to them (but don't send it via the Internet).

It is an open source project, which means that you can review the source code of the extension and share your ideas to improve it.
Here you can download it:

* Using the same password for all messages is not a good security measure, but unique and strong passwords will be hard to remember.

You can use our comment section to share your thoughts about this extension. Do you think it will provide complete protection against privacy problems?

Malware receives instructions from Evernote account

Trend Micro has uncovered a new piece of malicious software that appears to be using the note-taking service Evernote as Command and Control(C&C) Server.

The Trojan, dubbed VERNOT, can perform several backdoor commands such as downloading, executing and renaming files. It harvests information about the affected system.

Here is the interesting part: the malware receives malicious instructions from the Evernote accounts and, at the same time, stores the harvested information in the Evernote accounts.

"Misusing legitimate services like Evernote is the perfect way to hide the bad guys’ tracks and prevent efforts done by the security researchers," the researchers pointed out.

This is not the first time that a popular legitimate service is being abused as C&C server - In the past, Google Docs, Sendspace, Twitter, and other services have been used by Cyber Criminals to send instructions to malware.