India Pakistan conflict along IB and LoC (July 2021)

doreamon

Senior Member
Joined
Mar 24, 2019
Messages
2,430
Likes
11,239
Country flag
Wtf is FTFA? It's hilarious to see porkies getting angry and feeling so helpless lmao.
FTFA == FATF ( financial action task force ) .. He wants to risk sanction by FATF by promoting terrorism in India ... He is angry while typing .. thats why the mistake .. U had feel the same if security apparatus of your country was promoting jihad in a self destructive mode in the name of strategic depth ..
 

another_armchair

Senior Member
Joined
Feb 28, 2019
Messages
3,625
Likes
17,798
Country flag
Pretty much I expect the govt to strike across the board.

Our chinese front is heavily fortified and secured which means the govt might look beyond terror camps but at conventional military target's.
Yup.

What we could not accomplish post Balakot could be done now hopefully, just in time before UP elections if the inbred Pakis do something spectacularly stupid and blame it on a false flag op.

I suspect the dice has already been cast... we are just waiting for the numbers to show up gauging from the frenzied chatter.
 

Knowitall

Tihar Jail
Banned
Joined
Jan 31, 2019
Messages
5,351
Likes
21,336
You know guys , I am feeling sad for Pakistan

What NZ did was like a kick in the
" nut sack " 🤣🤣

If they had not come to Pakistan ,it would have been OK

Pakis are crying a lot on PDF And threatening terror attacks in India as Revenge
@everyone peedf ka SS post karo.
 

another_armchair

Senior Member
Joined
Feb 28, 2019
Messages
3,625
Likes
17,798
Country flag
I have a question

so, when country goes to full war do all offices, etc close??
Nope.

Administration goes into civil defence overdrive instructing people about dos and don'ts.

Pamphlets are distributed in places likely to be hit by air, people are educated etc but no curfew as such.

Offices should function as usual unless its raining bombs and arty or the entire national electric and internet grid is down and out.

Most of Kargil was open throughout the conflict.
 

mokoman

Senior Member
Joined
May 31, 2020
Messages
2,287
Likes
11,737
Country flag
What it means?
software can have mistakes / bugs in them , hackers/virus writers can use it to get access into computers , steal data.

zero day means , it was just discovered , which means pretty much all windows installations are vulnerable

i am guessing we used a bug in windows to hack into PK / Chinese windows installed computers.
 

mokoman

Senior Member
Joined
May 31, 2020
Messages
2,287
Likes
11,737
Country flag

Article says we brought windows bugs from US company , and "shot gun blasted" windows computers in Pakistan and China.

Kaspersky Antivirus company is calling the user (probably Indian agency) "Bitter APT"

mostly targeting China and Pakistan since 2013 , 😍😍

we targeted chinese foreign affairs website

 

AMCA

Senior Member
Joined
May 19, 2017
Messages
2,264
Likes
13,696
Country flag
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Thomas Brewster
Forbes Staff
Cybersecurity
Associate editor at Forbes, covering cybercrime, privacy, security and surveillance.


Exodus Intelligence zero days used by India on China

American companies, whether they mean to or not, are facilitating global cyberespionage, far away from U.S. borders.
JOHN MACDOUGALL/AFP VIA GETTY IMAGES

A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control.

Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the researchers’ interest was the hacking software used by the digital spies, whom Kaspersky had dubbed Bitter APT, a pseudonym for an unspecified government agency. Aspects of the code looked like some the Moscow antivirus provider had previously seen and attributed to a company it gave the cryptonym “Moses.”
Moses, said Kaspersky, was a mysterious provider of hacking tech known as a “zero-day exploit broker.” Such companies operate in a niche market within the $130 billion overall cybersecurity industry, creating software—an “exploit”—that can hack into computers via unpatched vulnerabilities known as “zero days” (the term coming from the fact that developers have “zero days” to fix the problem before it’s publicly known). They act like super-powered lockpicks, finding loopholes in operating systems or apps to allow a hacker or spy to break into targets’ digital lives. So rare are such exploits, they can fetch upwards of $2 million each. Buyers wielding them have the power to either protect themselves from those who might have knowledge of the relevant zero day, or to inflict massive damage on others. For instance, attackers used at least one zero in an infamous 2020 attack on $2.5 billion market cap software provider SolarWinds and many of its customers—from U.S. government departments to tech giants like Cisco and Microsoft. The attacks cost SolarWinds at least $18 million, with warnings that the overall figure, counting the cost for SolarWinds customers who were also compromised, could get into the tens of billions.

Sometimes American companies aren’t the victims, but the ones fueling costly digital espionage. Moses’ real identity, Forbes has learned, is an Austin, Texas, company called Exodus Intelligence, according to two sources with knowledge of the Kaspersky research. And Bitter APT, the Moses customer, is India, added one source.
Little known outside of the cybersecurity and intelligence worlds, over the last ten years, Exodus has made a name for itself with a Time magazine cover story and the leak of a tool that law enforcement used to hack the anonymizing browser Tor to ensnare child predators. It also claims partnerships with the Defense Department’s research agency Darpa and major tech firms like Cisco and Fortinet, a $2.6 billion (2020 sales) cybersecurity outfit. “They’re significant because the size of the market is relatively small, and the skill set required [to find zero days] is in possession of just a few thousand people worldwide at any given time,” says Katie Moussouris, founder of Luta Security and creator of Microsoft’s bug bounty program to reward hackers for vulnerability disclosures.
Exodus, when asked by Five Eyes countries (an alliance of intelligence-sharing countries that includes the U.S., U.K., Canada, Australia, and New Zealand) or their allies, will provide both information on a zero-day vulnerability and the software required to exploit it. But its main product is akin to a Facebook news feed of software vulnerabilities, sans exploits, for up to $250,000 a year. It’s marketed primarily as a tool for defenders, but customers can do what they want with the information on those Exodus zero days—ones that typically cover the most popular operating systems, from Windows to Google’s Android and Apple’s iOS.

That feed is what India bought and likely weaponized, says 37-year-old Exodus CEO and cofounder Logan Brown. He tells Forbes that, after an investigation, he believes India handpicked one of the Windows vulnerabilities from the feed—allowing deep access to Microsoft’s operating system—and Indian government personnel or a contractor adapted it for malicious means. India was subsequently cut off from buying new zero-day research from his company in April, says Brown, and it has worked with Microsoft to patch the vulnerabilities. The Indian use of his company’s research was beyond the pale, though Exodus doesn’t limit what customers do with its findings, Brown says, adding, “You can use it offensively if you want, but not if you’re going to be . . . shotgun blasting Pakistan and China. I don't want any part of that.” (The Indian embassy in London hadn’t responded to requests for comment.)
The company also looked at a second vulnerability Kaspersky had attributed to Moses, another flaw that allowed a hacker to get higher privileges on a Windows computer. It was not linked to any particular espionage campaign, but Brown confirms it was one of his company’s, adding that it would “make sense” that India or one of its contractors had weaponized that vulnerability, too.
Brown is also now exploring whether or not its code has been leaked or abused by others. Beyond the two zero days already abused, according to Kaspersky, “at least six vulnerabilities” made by Moses have made it out “into the wild” in the last two years. Also according to Kaspersky, another hacking crew known as DarkHotel—believed by some cybersecurity researchers to be sponsored by South Korea—has used Moses’ zero days. South Korea is not a customer of Exodus. “We are pretty sure India leaked some of our research,” Brown says. “We cut them off and haven’t heard anything since then . . . so the assumption is that we were correct.”
 

IndianYonko

Senior Member
Joined
Aug 21, 2020
Messages
1,520
Likes
6,139
Country flag
Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan
Thomas Brewster
Forbes Staff
Cybersecurity
Associate editor at Forbes, covering cybercrime, privacy, security and surveillance.


Exodus Intelligence zero days used by India on China

American companies, whether they mean to or not, are facilitating global cyberespionage, far away from U.S. borders.
JOHN MACDOUGALL/AFP VIA GETTY IMAGES

A U.S. company’s tech was abused by the Indian government, amidst warnings Americans are contributing to a spyware industry already under fire for being out of control.

Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the researchers’ interest was the hacking software used by the digital spies, whom Kaspersky had dubbed Bitter APT, a pseudonym for an unspecified government agency. Aspects of the code looked like some the Moscow antivirus provider had previously seen and attributed to a company it gave the cryptonym “Moses.”
Moses, said Kaspersky, was a mysterious provider of hacking tech known as a “zero-day exploit broker.” Such companies operate in a niche market within the $130 billion overall cybersecurity industry, creating software—an “exploit”—that can hack into computers via unpatched vulnerabilities known as “zero days” (the term coming from the fact that developers have “zero days” to fix the problem before it’s publicly known). They act like super-powered lockpicks, finding loopholes in operating systems or apps to allow a hacker or spy to break into targets’ digital lives. So rare are such exploits, they can fetch upwards of $2 million each. Buyers wielding them have the power to either protect themselves from those who might have knowledge of the relevant zero day, or to inflict massive damage on others. For instance, attackers used at least one zero in an infamous 2020 attack on $2.5 billion market cap software provider SolarWinds and many of its customers—from U.S. government departments to tech giants like Cisco and Microsoft. The attacks cost SolarWinds at least $18 million, with warnings that the overall figure, counting the cost for SolarWinds customers who were also compromised, could get into the tens of billions.

Sometimes American companies aren’t the victims, but the ones fueling costly digital espionage. Moses’ real identity, Forbes has learned, is an Austin, Texas, company called Exodus Intelligence, according to two sources with knowledge of the Kaspersky research. And Bitter APT, the Moses customer, is India, added one source.
Little known outside of the cybersecurity and intelligence worlds, over the last ten years, Exodus has made a name for itself with a Time magazine cover story and the leak of a tool that law enforcement used to hack the anonymizing browser Tor to ensnare child predators. It also claims partnerships with the Defense Department’s research agency Darpa and major tech firms like Cisco and Fortinet, a $2.6 billion (2020 sales) cybersecurity outfit. “They’re significant because the size of the market is relatively small, and the skill set required [to find zero days] is in possession of just a few thousand people worldwide at any given time,” says Katie Moussouris, founder of Luta Security and creator of Microsoft’s bug bounty program to reward hackers for vulnerability disclosures.
Exodus, when asked by Five Eyes countries (an alliance of intelligence-sharing countries that includes the U.S., U.K., Canada, Australia, and New Zealand) or their allies, will provide both information on a zero-day vulnerability and the software required to exploit it. But its main product is akin to a Facebook news feed of software vulnerabilities, sans exploits, for up to $250,000 a year. It’s marketed primarily as a tool for defenders, but customers can do what they want with the information on those Exodus zero days—ones that typically cover the most popular operating systems, from Windows to Google’s Android and Apple’s iOS.

That feed is what India bought and likely weaponized, says 37-year-old Exodus CEO and cofounder Logan Brown. He tells Forbes that, after an investigation, he believes India handpicked one of the Windows vulnerabilities from the feed—allowing deep access to Microsoft’s operating system—and Indian government personnel or a contractor adapted it for malicious means. India was subsequently cut off from buying new zero-day research from his company in April, says Brown, and it has worked with Microsoft to patch the vulnerabilities. The Indian use of his company’s research was beyond the pale, though Exodus doesn’t limit what customers do with its findings, Brown says, adding, “You can use it offensively if you want, but not if you’re going to be . . . shotgun blasting Pakistan and China. I don't want any part of that.” (The Indian embassy in London hadn’t responded to requests for comment.)
The company also looked at a second vulnerability Kaspersky had attributed to Moses, another flaw that allowed a hacker to get higher privileges on a Windows computer. It was not linked to any particular espionage campaign, but Brown confirms it was one of his company’s, adding that it would “make sense” that India or one of its contractors had weaponized that vulnerability, too.
Brown is also now exploring whether or not its code has been leaked or abused by others. Beyond the two zero days already abused, according to Kaspersky, “at least six vulnerabilities” made by Moses have made it out “into the wild” in the last two years. Also according to Kaspersky, another hacking crew known as DarkHotel—believed by some cybersecurity researchers to be sponsored by South Korea—has used Moses’ zero days. South Korea is not a customer of Exodus. “We are pretty sure India leaked some of our research,” Brown says. “We cut them off and haven’t heard anything since then . . . so the assumption is that we were correct.”
I didn't like the timing and the tone. Plus directly calling India out, Its not like India would have went ahead and bought these feeds using name of org. as union of India.
 

Latest Replies

Global Defence

Articles

Top