Posts

Petya Ransomware Attack: What to Do Immediately

Petya/Petwrap ransomware
What does Petya ransomware do? Ans: The Petya ransomware does not encrypt files on a targeted system one by one. Instead, Petya reboots the victim's computer and encrypts the hard drive's master file table (MFT), rendering the master boot record (MBR) inoperable and restricting access to the full system by seizing information about file names, sizes, and locations on the physical disk. Petya replaces the computer's MBR with its own malicious code, which displays the ransom note and leaves the computer unable to boot.
Why does it spread fast? Ans: Petya ransomware is successful in spreading because it combines both a client-side attack (CVE-2017-0199) and a network-based threat (MS17-010). So patch both first!
Affected countries: UK, Ukraine, India, the Netherlands, Spain, Denmark, and others
Behavior: Encrypts MFT (Master File Table) tables for NTFS partitions and overwrites the MBR (Master Boot Record) with a custom bootloader that s...

Electronic Evidence where to find in Files

Electronic Evidence where to find in files. Windows Searches — For years, one challenge in digital investigative analysis has been proving that a user not only had something significant to an investigation on their computer, but that he knew it was there. Two of the easiest ways to help prove knowledge of a file are to prove the user was searching for it or accessed it. In order for Microsoft to enhance the user experience, Windows tracks the names of files you access and search for in multiple locations. As previously discussed, the Windows registry is essentially several databases called registry hives. Each user has his own primary registry hive called the NTUSER.DAT. This registry hive tracks information specific to each user’s activity and preferences. Starting in Windows 7, when a user conducts a search on his computer using the Windows search function or the “Charm Bar” in Windows 8-10 (the magnifying glass that appears when you move your mouse to the right edge of the sc...

In Cyber Crime Matters How to SERVE SUMMONS TO PARTY RESIDING ABROAD

Cybercrime: HOW TO SERVE SUMMONS, PROCESS, WARRANT TO PARTY RESIDING ABROAD - Comprehensive guidelines referred to in Letter No. 55019/17/2017-Legal Cell, dated ______ of Internal Security Division, Ministry of Home Affairs regarding service of summons/notices/judicial process on persons residing abroad. -- 1. Section 105 of the Criminal Procedure Code (CrPC) speaks of reciprocal arrangements to be made by the Central Government with foreign governments with regard to the service of summons / warrants / judicial processes. The Ministry of Home Affairs has entered into Mutual Legal Assistance Treaties/Agreements with 22 countries which provide for serving of documents. These countries are Switzerland, Turkey, United Kingdom, Canada, Kazakhstan, United Arab Emirates, Russia, Uzbekistan, Tajikistan, Ukraine, Mongolia, Thailand, France, Bahrain, South Korea, United States of America, Singapore, South Africa, Mauritius, Belarus, Spain and Kuwait. In other cases the ministry makes a...

Cyber Security Questions for Board of Directors

Cyber Security Questions for Board of Directors. Although boards of directors have added cybersecurity risk to their agendas, there is no standard way for boards to think about cybersecurity, much less time-tested guidelines to help them navigate the issue. For boards, cybersecurity is an issue of enterprise risk. As with all enterprise risks, the key focus is mitigation, not prevention. This universally understood enterprise risk guideline is especially helpful in the context of cybersecurity because no one can prevent all cyber breaches. Every company is a target, and a sufficiently motivated and well-resourced adversary can and will get into a company’s network. Consequently, terms like “cyber defense” are insufficient descriptors of an effective posture because they evoke the image that corporations can establish an invincible perimeter around their networks to prevent access by bad actors. Today, it’s more accurate to think of the board-level cybersecurity review...

Online impersonation and Sending bomb hoax email - Section 66D Cybercrime

Section 66(D) Cyber Crime - THE MYSTERY BEHIND HOAX MAIL SOLVED – ONE HELD. On 20-04-2017, the sleuths of the Commissioner’s Task Force, West Zone team, with the assistance of S.R Nagar police, acting on credible information, made sustained efforts and solved the mystery behind the hoax mail which was generated from Hyderabad. Details of apprehended Accused :- Motaparthi Vamshi Krishna @ vamshi chowdary S/o. M.A.sV. Prasad, age. 32 yrs, Occ. Transport agent, R/o. Flat no.G-1, TP Sanjana Amrutha Residency, Miyapur, R.R.Dist, N/o. Dendullur (village & Mandal), West Godavari Dist, A.P. Brief facts: On 15-04-2017 at 1647 hours the Commissioner of Police, Mumbai received a mail from a mail ID ununn0801@gmail.com. The sender claimed to be a woman in the email and stated that she overheard six men chatting in a hotel and stating that all 23 people have to split from here and board flights in...

Is Credit or Debit Card PIN an Electronic Signature as per the Law?

Is Credit or Debit Card PIN an Electronic Signature as per the Law? For lawyers across the world, a click and wrap agreement, i.e. the act of ticking an icon in the shape of a box to accept the terms of a contract, can hardly count as a form of signature. In the physical world, that must be right. Similarly, it might be questioned whether a personal identity number (PIN) can also be considered to be an electronic signature. Arguably, the PIN combines two functions. Before considering the two functions, consider the requirements of the bank. The bank needs to satisfy itself that: 1. The card is legitimate (this is difficult to achieve, as the reports about fraud demonstrate), and 2. The card is in the possession of the customer to whom it was issued, or a person authorised by the customer to use the card. If the bank satisfies itself that its computer systems are interacting with the card issued to the customer (which is not always the case), then the computer system...