Secuity Awareness
“Human Present” A new security technology
by Vinod Sharma on May.09, 2009, under Secuity Awareness
Human Present is a technology spun off from research at Georgia Tech that catches online fraud in action, using a dynamic method of identifying human behavior anomalies while at the same time preventing the fraudsters from detecting that they’re being watched. It differentiates human visitors from spiders, bots, and even zombie computers in bot networks.
For complete details visit:
http://www.humanpresent.net
http://www.pramana.com
Over 8M Virginian patient records held to ransom
by Vinod Sharma on May.08, 2009, under Secuity Awareness
Hi,
On Thursday, April 30, the secure site for the Virginia Prescription Monitoring Program (PMP) was replaced with a $US10M ransom demand:
“I have your shit! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh 
For $10 million, I will gladly send along the password.”
Original copy is available at:virginia-ransom-2009
The note said the intruders possessed 8.3 million patient records and 35.6 million prescriptions. Also, the thieves said they created an encrypted backup of the data and deleted the original files.
Virginia’s Prescription Monitoring Program (VPMP) website PMP is still not accessible.
Compromise of a website/server is not new but thing about which i am concerned is: Disaster management department(DMD) is doing what, before the incidence? They have not maintained a single isolated backup copy of the whole database. I thing DMD did a very poor job, because if they have backup system which is can’t be compromised through the internet, then they don’t have to bent there knees in front of a bad guy.
Remember
“Nobody is secure in cyber world but security can be achieved up to the maximum by closing all possible loop holes”
ProxyStrike v2.0 released
by Vinod Sharma on May.03, 2009, under Hacking Tools, Secuity Awareness
ProxyStrike is an active Web Application Proxy, is a tool designed to find web application vulnerabilities like XSS,SQL,LFI,DT etc. while browsing an application.
Download location:http://code.google.com/p/proxystrike/downloads/list