Advocate (Dr.) Prashant Mali's Blog

Types of Cyber Attacks There are several effective methods for disrupting computer systems. We are talking of a method known as cyber attack, or computer network attack , which uses malicious computer code to disrupt computer processing, or steal data.  A brief description of three different methods are shown here. However, as technology changes, future distinctions between these methods may begin to blur. An attack against computers may be targeted or un-targeted (i) disrupt equipment and hardware reliability, (ii) change processing logic, or (iii) steal or corrupt data. The methods discussed here are chosen based on the technology asset against which each attack mode is directed, and the effects each method can produce. The assets affected or effects produced can sometimes overlap for different attack methods.  Conventional kinetic weapons can be directed against computer equipment, a computer facility, or transmission lines to create a physical attack that disrupts

WHAT IS THE ZERO-DAY VULNERABILITY  ?  A zero-day vulnerability is a previously unknown flaw in a computer program that exposes the program to external manipulation. Zero-day vulnerabilities have been found in many OS & programs, including Chrome, Internet Explorer, Adobe, and Apple products. Zero-day vulnerabilities also appear in software running critical infrastructure, such as power plants. What differentiates a zero-day from other computer vulnerabilities, and what makes it valuable, is that it is unknown to the software’s makers and users. Whoever has knowledge of a zero-day can exploit it from the “zero-th” day of its discovery, until the software maker or users learn of it and fix the vulnerability. What makes a zero-day vulnerability different from other cyber tools is that it is simply information. A zero-day encapsulates the knowledge that X could happen if you do Y. As Auriemma and Ferrante of ReVuln, a zero-day seller, argue, “we don’t sell weapons, we sell infor

What precautions Bank Customers need to take against frauds .. Adv. Prashant Mali, Cyber Security & Law Expert 1. Hold extra money in fixed Deposits and with written instructions to bank that no online Fd transfers. 2. Avoid any banking over phone lots of Vishing scams are happening, it is better to keep the phone down when some one says calling from bank. Till the scams are weeded out by banks or police. 3. If your SIM is deactivated, it normally happens on weekends, immediately call the bank from another phone and freeze you bank account, coz SIM exchange fraud may be happening. 4. Change your PIN number and passwords today, they are already leaked in the international market. Or your "true caller" database has it on their server. 5. Do not do banking from cyber cafe or from any office coz they keep all your logs and data officially , trust me human mind can go corrupt. 6. Today, go to the settings option of your Gmail and check for any filters or any forwarding instruc

Being a public document, the FIR  cannot be withheld from public domain and would not only lend credence but would bring transparency in the working if the Police Department in case the same is put in public domain. . In this background, it has become imperative that certain directions be issued. Therefore, taking cue from the judgment passed by the learned Division Bench of Delhi High Court, the following directions are issued:- (i) The accused is entitled to get a copy of the First Information report at an earlier stage as prescribed under Section 207 of the Cr.P.C. (ii) An accused who has reasons to suspect that he has been roped in a criminal case and his name may be finding place in a First Information Report can submit an application through his representative/agent/parokar for grant of a certified copy before the concerned police officer or to the Superintendent of Police on payment of such fee which is payable for obtaining such a copy from the court. On such applicati

If police refuses to register your FIR then what to do ? Its a very common phenomenon that people are saying that police is not lodging their FIR. Even sometimes people are ill-treated by the police. If Police officer concerned (SHO), refuses to Register complaint/FIR, than by virtue of section 154(3), of CRPC a written Complaint may be send by Post to the Superintendent of Police (SP) or the Commissioner of Police (in Metropolitan areas); If Superintendent of Police or the Commissioner of Police (in Metropolitan areas) is satisfied that the Complaint discloses cognizable offence, he may himself investigate the case or cause the investigation of the case by any Police officer subordinate to him. Even after that if no any action has been taken then an application can be made under section 156(3) read with section 190 of Code of Criminal Procedure to a judicial Magistrate/ Metropolitan Magistrate thereby praying that police to

Hackers Can Turn Siri And Google Now Against You !!! 😎👊 One of the new features in iOS 9 is the ability to train Siri to only recognize your voice so your phone doesn’t respond to commands from just anybody. According to a report from Wired, though, a pair of researchers at ANSSI—a French government agency—have figured out a way to use radio waves to silently activate Siri or Android’s Google Now from across the room. The hack only works if the target device has Siri or Google Now enabled, and has headphones or earbuds plugged in that also have a microphone. Wired explains, “Their clever hack uses those headphones’ cord as an antenna, exploiting its wire to convert surreptitious electromagnetic waves into electrical signals that appear to the phone’s operating system to be audio coming from the user’s microphone.” In theory, the attack could be used to anything you can do using the Siri or Google Now voice interaction. The attacker could make calls, send text messages, open malicious