Norton Scientific Reviews Symantec Source Code Leaked by Hackers


A group of hackers who call themselves the Lords of Dharmaraja, (and is associated with Anonymous) have published the source code of Symantec, a digital security firm know for the Norton antivirus program and pcAnywhere, raising concerns that others could exploit the security holes and try to control the users computer.The release of the source code came after the ‘extortion’ attempt failed as Symantec did not comply with their numerous deadlines.Negotiations through email messages between a representative of the hacker group, YamaTough, and someone from Symantec were also released online. The exchange of messages are about Symantec’s offer to pay USD 50,000 for the hackers to stop disclosing the source code and announce to the public that the whole Symantec hack was a fake, which made them a subject of mockery for appearing to buy protection.

Both sides admitted that their participation was just a trick.The hackers denied any extortion aim, saying that they never intended to take the money and were going to publish the source code whatever happens; they simply want to humiliate them so they played along. While Symantec said that they are not actually the one in communication with the hacker, but a law enforcement agent.The long negotiation worked to the favor of Symantec as they have been able to come up with patches to theirNorton and pcAnywhere programs. Symantec has advised their users to stop using the softwares in the meantime until they have issued more patches for them.Symantec released a statement saying that they have always been prepared for the leak of the source code so they’ve made and distributed hotfixes on January to secure their users.The drawn-out negotiation is an obvious sign of a law enforcer on the other line. Delaying tactics is one of their assets to obtain insight into the enemy. More importantly, it will create more transactions where paper trail will be left along the way — utilizing persons who have been involved in the process and the records themselves to trace the suspects.

It has been a common ploy of investigators like the FBI who deal with kidnappers or extortionists to break down the amount into several smaller payouts.Since 2006, Symantec has already suspected there has been a network breach but they were not able to verify any data pilfering until recently when the hackers threatened them to release the source code of Norton. There are further reports saying that the source code of Symantec was stolen from servers of India’s intelligence and military department. (They alleges that Symantec has previously given India the code to guarantee the government that they contain no malicious program.) However, this was denied by Symantec — they have already admitted that the theft happened in their own servers and network.The security firm formerly said that the Indian group was also the one responsible for the 2006 breach but retracted it today. They are now saying they’re not sure who stole the source code in 2006 and how they managed to get their hands on it.

5 Reasons Why Businesses Need Ethical Hackers


Hacking, which has been an integral part of computing for upwards of 50 years, is definitely an broad discipline, which covers a wide range of topics. The first reported hacking what food was in 1960 at MIT along with the term ‘Hacker’ was used.

For non-geeks, this is a short introduction. Computer software is made up of computer programs, which give instructions on how the hardware should perform certain tasks. These softwares are often prepared by programmers, who’ve full entry to your entire programs. The programs are then sold to users with strict rules or protocols by which they are available only to certain authorized persons (usually with passwords) for reasons of security. Theoretically, nobody except these authorized persons have usage of utilize these.

How can others obtain unauthorized access?

  1. The original programmers, who have prepared the foundation code, and possess invariably provided their very own entry ways trap-doors and passwords.
  2. Earlier users who’re don’t authorized users, but whose passwords have not been deleted.
  3. Other unscrupulous persons who would like to access the machine for ulterior motives.
  4. Since there is a great deal activity and business run by computers, and many computers are connected from the Internet, these are ready to accept be accessed by various persons over the internet.
  5. Computers are also vulnerable to attack by malicious software (mal-ware) and virus attacks, which leaves them available to attack by hackers and mal-ware. These ‘virus infections’ and ‘worms’ are designed by persons who would like to hack into the device and steal information or make entire systems crash or destroy the complete data stored.
    Just as virus attacks in computers are prevented by anti-virus software like MacAfee, etc. companies protect themselves from hacking by employing ethical hackers. EC Council defines an ethical hacker as ‘an one that is generally employed with the organization and that can be trusted to undertake an attempt to go into networks and/or pcs utilizing the same methods and techniques being a malicious hacker.’

It means act of locating weaknesses and vulnerabilities laptop or computer and information systems by duplicating the intent and actions of malicious users.
It can be called penetration testing, intrusion testing, or red teaming. It requires them take a look at client network as potential malicious attackers, then devise the correct safeguards to shield clients from attacks. |

So what makes ethical hackers needed?

  1. They are required to identify and seal all possible points of access by hackers, which may be individuals or sophisticated software, including ‘worms’.
  2. In simple language, an ethical hacker thinks and works such as an unethical hacker to discover and exploit vulnerabilities and weaknesses in various systems, and exactly how they can be breached.
  3. Then he devises methods to guard the vulnerable points by erecting firewalls, stronger passwords, frequently changing passwords, using iris scans or fingerprints together with passwords, encryption, etc.

4 They also must prevent ingress (entry) from the original programmers who come up with software by persons who’re no more authorized to log into the system.

  1. They may also suggest VPN (Virtual Private Network), a safe and secure tunnel from your computer and destinations visited online. It utilizes a VPN server, which is often located from any location, and gives privacy. VPN will perform the work to prevent someone snooping your browsing history, or spying for you. VPN could make you browsing through the server geo-location not your computer’s location so we will continue anonymous.

With most private data being released today over the Internet for a price, Data Privacy can be a serious concern; hackers can certainly purchase private data and steal your data using your passwords for other sites (as most folks have the same weak passwords for several applications and rarely change passwords). They will educate users on how to choose difficult passwords, where to record or not record the passwords, and exactly how frequently you need to change passwords.