[Owasp-delhi] [Owasp-Mumbai] Songs.pk can be used to hack Indian Networks!

Samrat Chatterji samrat.chatterji at tcs.com
Thu Jan 8 00:02:10 EST 2009


Dear  OWASP LISTS,
Sincere apologies, if my view are a little offensive.
I suppose this group is for sharing core security related issues and 
concerns facing the Info-Sec world.But unfortunately this is turning into 
a simple friends group mailing list, where people discuss phoney issues, 
give abusive comments etc.
Senior Info-Sec people are on this list and members should respect there 
presence and follow a professional gesture, instead we see emotions,anger 
?? 

I propose that  we should restrain ourselves and think before we write a 
mail. I don't think that any of us would like to face a situation where 
you happen to meet your CEO/ CSO and he addresses you as " You are the 
person who abused a country in a global community's mailing list ?? "

Kindly think before we write. And also , be brief and concise to write 
only the relevant facts not beliefs/thoughts. For personal thoughts 
sharing we all have our personal e-mails, kindly use those. And yes .. If 
we are allowing abusive language on this list , i suppose we all should 
consider our motto as to , why are we on this list ???
Please contribute constructively to the list.
Kindly think about it... ALL MEMBERS !!!

Samrat Chatterji
Security Analyst
Tata Consultancy Services




nileshkumar83 at gmail.com 
Sent by: owasp-delhi-bounces at lists.owasp.org
01/07/2009 11:37 AM

To
"chintan dave" <davechintan at gmail.com>, "Yash Kadakia" 
<teccoder at gmail.com>, "Yogesh Badwe" <yogeshmb at gmail.com>
cc
owasp-delhi at lists.owasp.org, owasp-mumbai at lists.owasp.org
Subject
Re: [Owasp-delhi] [Owasp-Mumbai] Songs.pk can be used to hack   Indian 
Networks!






Hi Chintan, Yash,
 
 
     I share my views with Mr. Yogesh Badwe that it's not an issue of what 
the Indian,Pakistani....or African media is saying and against whom. The 
matter is if there is smoke...there 'might be' fire somewhere. And if not, 
we as security professionals should remain updated of any fake/true news. 
Any 'hoax bomb call' is also a matter of great concern.
 
This community is for sharing any fake/unfake news and we should not 
simply put is as media overhype. I got the news and put here..just simple. 
At least we can be careful and this kind of thing might occur in the 
current scenario of Indo-Pak, at least they can intesify at the time 
being. This is not out of the world thing.
 
Anyways, thanks to all learned people for an enlightening discussion.
 

 
On Wed, Jan 7, 2009 at 6:44 AM, chintan dave <davechintan at gmail.com> 
wrote:
Hi,
@ Nilesh - First of all I would like to thank you to take time off your 
busy schedule to share news with the group.

I do not understand what is wrong with us? Why do we just keep on 
criticizing? 

I think everyone on the group is mature enough to identify the so called 
"Over hyped" news. If you think that the news is crap, fine, just ignore, 
no one needs your personal advice on what media should do and what not! 

I guess we all are here to share facts or may be opinions when explicitly 
solicited by other group members. Its always debatable whether what media 
reported is correct or not and the reader is "the" judge.

I'd appreciate if we can stop this bullshit of critizing. If we can't 
admire people sharing things, lets not discourage them. If its not useful 
for you, ignore it.

On Tue, Jan 6, 2009 at 9:51 PM, Yash Kadakia <teccoder at gmail.com> wrote:
Hi Nilesh,
 
First off, I would not believe anything the Indian (or most International) 
media have to say about Cyber Security, unless they are quoting a reliable 
named source.
 
Secondly, this is nothing more than the media taking a simple concept such 
as a possibly infected web-site and turning it into a  indo-pak issue. 
 
As a fact I can tell you that in this last week, I have run across 
web-sites from at least 7 different LARGE group of companies that had 
their web-sites compromised and malicious JavaScript injected into it. The 
malicious JavaScript was in-turn attempting drive-by-downloads and common 
IE exploits to compromise users. This definitely doesn't mean that those 
companies are targeting Indians, Pakistanis or anyone else. It is simply 
an IT Incident that is most likely not connected to politics in any way.
 
--
Yash Kadakia
 
From: owasp-mumbai-bounces at lists.owasp.org [mailto:
owasp-mumbai-bounces at lists.owasp.org] On Behalf Of nileshkumar83 at gmail.com
Sent: Tuesday, January 06, 2009 11:11 AM
To: owasp-delhi at lists.owasp.org; owasp-mumbai at lists.owasp.org
Subject: [Owasp-Mumbai] Songs.pk can be used to hack Indian Networks!
 
Hi All!
 
   I just went through an article this morning that the hugely polpular 
song site among Indians www.songs.pk can be used to make ypur PCs botnets 
or zombies by the Pakistani hackers. So avoid the site for the time being 
at least!
 
Just have a look at the article:
 
http://www.rediff.com/news/2009/jan/06mumterror-pakistan-india-hackers-internet-cyber-war.htm


-- 
Thanks & Regards,
Nilesh Kumar,
Security Specialist | Governance Risk Compliance
www.linkedin.com/in/nileshkumar83
Mobile- +91-9891524880

_______________________________________________
OWASP-Mumbai mailing list
OWASP-Mumbai at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-mumbai




-- 
Regards,
Chintan Dave,
KPMG Singapore
LinkedIn Profile: http://www.linkedin.com/in/chintandave
Blog:http://davechintan.blogspot.com



-- 
Thanks & Regards,
Nilesh Kumar,
Security Specialist | Governance Risk Compliance
www.linkedin.com/in/nileshkumar83
Mobile- +91-9891524880_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi

ForwardSourceID:NT0000553E 
=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain 
confidential or privileged information. If you are 
not the intended recipient, any dissemination, use, 
review, distribution, printing or copying of the 
information contained in this e-mail message 
and/or attachments to it are strictly prohibited. If 
you have received this communication in error, 
please notify us by reply e-mail or telephone and 
immediately and permanently delete the message 
and any attachments. Thank you


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20090108/4a8f1d44/attachment-0001.html 


More information about the Owasp-delhi mailing list