If you are having trouble viewing this email, click here to view this online



   ISSUE 60

27 July  2016

Article of the Month Around the World

Mark Zuckerberg tapes over his webcam. Should you?

Does covering his laptop camera and microphone with tape make Facebook�s boss paranoid, or are they really after him? Probably a bit of both


Mark Zuckerberg celebrates 500 million monthly active users on Instagram � but he also revealed a lot about himself by leaving his laptop in the background

Don�t worry, Mark Zuckerberg: Just because you�re paranoid doesn�t mean they aren�t after you. And as the richest millennial in the world, you can probably be confident that someone, somewhere, is after you.

Which is why it makes perfect sense that you�ve joined the growing number of people doing a little DIY hardware hacking, and disabling their computer�s webcam and microphone. Even if a sneaky hacker does manage to penetrate your security, they�re not going to be seeing you in your tighty whities.

Yes folks, Zuckerberg tapes over his webcam. The billionaire made the (accidental?) revelation in a Facebook post intended to promote Instagram reaching its latest milestone of half a billion monthly active users.

In the picture Zuckerberg posted, of himself framed by a cardboard Instagram UI (cute), his laptop is visible in the background. And as Christopher Olson pointed out, that laptop has some weird accoutrements:


3 things about this photo of Zuck:

  • Camera covered with tape

  • Mic jack covered with tape

  • Email client is Thunderbird


O(And yes, that really does seem to be his laptop. Gizmodo�s William Turton notes that it�s the same desk the Face-boss gave a tour of on Facebook Live back in September.)

Thunderbird is an email client, for what it�s worth, which is made by Firefox creators Mozilla. Unlike Firefox, though, it�s never really taken off in the wider world, and development has rather stalled in the past five years. It may not even be Thunderbird that Zuckerberg has installed � others think it�s a Cisco VPN client.

Taping over the sensors and a particularly geeky mail client might seem paranoid. But to be fair to Zuckerberg, he�s not the only one taking a look at his webcam and wondering if it�s worth the risk.


Take the FBI�s director, James Comey: �I put a piece of tape over the camera because I saw somebody smarter than I am had a piece of tape over their camera.� The American digital rights group EFF sells webcam stickers, and told the Guardian�s Danny Yadron �people purchase these regularly�.

Even experts who don�t cover their cameras think they should. Why doesn�t Matthew Green, an encryption expert at Johns Hopkins University? �Because I�m an idiot,� he told Yadron.

�I have no excuse for not taking this seriously � but at the end of the day, I figure that seeing me naked would be punishment enough.�

While Zuckerberg probably does have any number of advanced persistent threats trying to break his digital security, normal people shouldn�t be too complacent either. Installing backdoors on compromised computers is a common way for some hackers to occupy their time.


According to a 2013 report in tech news site Ars Technica, sites such as Hack Forums contain threads full of people comparing and trading images of �slaves�, people whose computers they have broken into and taken control of. �One woman targeted by the California �sextortionist� Luis Mijangos wouldn�t leave her dorm room for a week after Mijangos turned her laptop into a sophisticated bugging device,� Ars� Nate Anderson wrote. �Mijangos began taunting her with information gleaned from offline conversations.�

Mac users, like Zuckerberg, can rest a bit easier: unlike most Windows laptops, the light next to a Mac�s webcam is controlled deeply in the hardware, and so it�s very hard to turn the webcam on without also turning on the warning light. Hard, but not impossible.

So should you copy Zuckerberg? Probably. It doesn�t hurt, most of the experts do it, and it could minimise damage � even if it�s just emotional � in the case of a catastrophic hack. But maybe don�t use Thunderbird. Some things are just too much hassle.


This article originally published in: The Guardian



























1 Statistics on the Internet growth in Sri Lanka
2.The Dragon Research Group (DRG)
3.TSUBAME (Internet threat monitoring system) from JPCERT | CC
4.Shadowserver Foundation
5. Team Cymru

  Sri Lanka CERT|CC helps establish Tonga CERT
   "....Tonga National CERT acknowledged the help of APNIC, Council of Europe, Sri Lanka CERT|CC and Mauritius CERT in helping Tonga to establish its national Computer Emergency Response Team...."



"...A scathing congressional report points the finger at hackers sponsored by the Chinese government for their role in a series of hacks against the U.S. Federal Deposit Insurance Corp. (FDIC). The report also alleges the agency covered up the hacks in order to guarantee the appointment of current chairman Martin J. Gruenberg...."


'...To play Pok�mon Go, the mobile game that�s taken the internet by storm since its release July 6, you need to log in with an account. There are two ways to do this: You can create a user name on the Pok�mon Trainer Club, or you can use your existing Google account....'



'....Hacking Jeeps is about to get a lot more competitive. That�s because Jeep maker Fiat Chrysler Automobiles has launched a bug bounty program in conjunction with Bugcrowd that will payout as much as $1,500 per bug......'

Windows Server 2016 could cost you more than you think


'....A few years ago, Microsoft switched from per-processor to per-core licensing in SQL Server, and it's about to do the same with Windows Server 2016. You may not be thrilled with the results.....'


'...File hosting and cloud service company Dropbox recently announced several new additions to its software platform. These new updates might be just the thing to help workers get more done in less time.

The Dropbox iOS app now lets you scan documents from blueprints to receipts using an iPhone camera. Users can also edit the files in the app, like change the contrast on a document to make it more legible.......'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in June  2016
  Statistics - Sri Lanka CERT|CC

Billion-dollar scams: The numbers behind BEC fraud

'"...Business email compromise (BEC), or CEO fraud, continues to be the bane of companies in 2016. BEC scams are low-tech financial fraud in which spoofed emails from CEOs are sent to financial staff to request large money transfers. While they require little expertise and skill, the financial rewards for the fraudsters can be high. An Austrian aerospace manufacturer recently fired its president and CFO after it lost almost US$50 million to BEC fraudsters....'

Ransomware that demands money and gives you back� nothing!

'...Ransomware isn�t a laughing matter, especially if you�re the victim.

Even if you don�t lose any data in the attack, it�s a bit like getting mugged by crooks who end up running off without your wallet.

But we couldn�t help cracking a bit of a smile at this one, blocked by Sophos products as Troj/Ransom-DJC:....'

5 things you should know about password managers

"...New data breaches are coming to light almost weekly and they reveal a simple but troubling fact: many people still choose weak passwords and reuse them across multiple sites. The reality is, remembering dozens of complex passwords is almost impossible, and carrying them around on a scrap of paper that you have to keep updating is a huge hassle. That�s why password managers exist. Here�s why they�re important, and how to get the most out of them......"
Keydnap malware opens backdoor, goes after passwords in OS X keychain

'...Keydnap has the ability to steal passwords and keys stored in the victim�s OS X keychain, and to establish a permanent backdoor into the system, allowing the attacker to update the malware or uninstall it, download and execute files and Python scripts from a URL, and request administrator privileges the next time the user runs an application....."
Notice Board
  Training and Awareness Programmes - July  2016
29th Jun � 03rd Jul Education Leadership Development Center, Meepe A/L Syllabus training
  26th July Ananda Balika Vidyalaya Hingurakgoda  Strengthening ICT Society  
  27th July Youth Center, Hingurakgoda  Strengthening ICT Society  
  26th July Ananda Balika Vidyalaya Hingurakgoda Girls in ICT Day. 

Brought to you by: