14 August 2013

India’s first Cyber Forensic Lab sets up in Tripura

India’s first Cyber Forensic Laboratory (CFL) has been set up in Tripura, an official said Monday. The lab, established at the Tripura High Court will provide court case related information.

....Supreme Court judge Justice Madan B. Lokur, who was earlier the chief justice of the Gauhati High Court, inaugurated the CFL on Sunday....

.....“A National Judicial Data Grid (NJDG) is being developed under the Supreme Court’s supervision. All information about legal services, court cases and judicial actions would be available from the NJDG,” Lokur said...

......“So far, 13,000 judicial officers, including judges, have been trained about the e-court system and to equip them with the ongoing modernization of legal services.....

.....“With this new system of trial and administrative works, the litigants will be immensely benefited. It will save both time and money to get quick justice and prompt disposal of cases,” Lokur said......

Click here to read more .....

05 August 2013

Step into the BREACH: New attack developed to read encrypted web data

..... A new hacking technique dubbed BREACH can extract login tokens, session ID numbers and other sensitive information from SSL/TLS encrypted web traffic, say researchers.....

.....BREACH (short for Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) attacks the commonDeflate data compression algorithm used to save bandwidth in web communications.......

.....The attacker just has to continually eavesdrop on the encrypted traffic between a victim and a web server before tricking marks into visiting a website under the miscreant's control.....

.....The attacker's booby-trapped website hosts a script that runs the second phase of the attack: this forces the victim's browser to visit the targeted website thousands of times, over and over, each time appending a different combination of extra data......

.....The practical upshot is that tokens and other sensitive information sent over SSL connections could be lifted even though the encrypted contents of emails and one-off orders sent to e-commerce websites are beyond the scope of the attack......

Click here to read more .....