- Techie Held For Hacking Air India Frequent Flyers Accounts
New Delhi: A 23-year-old techie has been arrested for hacking Air India’s Frequent Flyer member accounts and using them to book tickets sold to several travel agents, Delhi Police said on Sunday. The accused, Anitesh Giri Goswami, a BCA graduate from Pune, was arrested from Jaipur on Friday. According to police, a complaint was received in the Cyber Crime Cell of the Delhi Police’s Economic Offences Wing (EOW) alleging some persons were selling Air India tickets by redeeming of miles of genuine Flying Returns Members after hacking the Frequent Flyer members account. A laptop, several mobile phones and other relevant documents were also recovered from his possession Explaining the modus operandi, police said that Anitesh first understood functioning of the ticketing system as well as the points/miles system of the airlines and then hacked into the Loyalty Plus programmer website of Air India. After gaining access, he administrator user rights, which he used to upgrade several other user IDs with the same rights, police said He gained access to the internal functioning of Air India website while working at the Jodhpur airport, and left his Air India job to start exploiting loopholes in the Frequent Flyer Programmer’s functioning.
Cyber Security Tips: Air India need to check for security holes and immediately patches it; user has to change their password.
- Use Tor? Riffle promises to protect your privacy even better
Researchers from the Massachusetts Institute of Technology (MIT) and the École Polytechnique Federal de Lausanne (EPFL), Switzerland have created a new anonymity network, which they claim fixes some of Tor’s weak points. Dubbed Riffle, the anonymity network promises to provide better security against situations when hackers introduce rogue servers on the network, a technique to which TOR is vulnerable. Riffle maintains users’ privacy as long as at least one of its servers remains safe. The secret behind Riffle is the use of a Mixnet or Mix Networks – a system that routes each user’s messages through a chain of proxy servers known as Mixes in order to prevent traffic analysis. The messages are then sent to the destination in a random order, making it harder for any eavesdropper to link the source with its receiver. Riffle also uses Onion protocol to encrypt its messages with different layers of encryption. Once a secure connection to all servers is established, the system then makes use of ‘Authentication Encryption’ in order to verify the authenticity of the encrypted messages, using less computation power, but providing better speeds for data transfers compared to TOR.
- Hackers claim to launched DDoS attack that crashed Pokémon Go servers
A group of hacker claimed responsibility for taking down Pokémon Go servers, although Niantic did not verify the attack a hacking team called OurMine has spent the past several hours hitting Pokémon Go’s login servers with a distributed denial of service (DDoS) attack, leaving some players frustrated and unable to log in to the game. The group said it would not stop the attack until representatives from Pokémon Go contacted them. In a post on its website, the group wrote: “No one will be able to play this game till Pokémon Go contact us on our website to teach them how to protect it!” Pokémon Go access was spotty throughout Sunday, with users complaining about the server outage. A DDoS attack works by flooding a server with traffic so that it can’t be accessed by legitimate users. OurMine tried to prove that it was behind the attack on Pokémon Go by notifying TechCrunch before the attack started.
Cyber Security Tips: User have to wait until Pokémon team solve the issue, Pokémon team need to improve its servers security by monitoring activities, use IDS, IPS , Firewall for filtering flooding request.