Friday, 16 August 2013

Reminder -- Cyberinfocts IT Security August Forum

Hi all, Cyberinfocts IT security August Forum - Tomorrow 17th August 2013 @ Appin Technology Lab No 2 Allen Avenue Ikeja Lagos Time: 9:00 am Registration fee:N500 For further details contact 07037288651



Who should attend:

Computer Users 

IT Professionals(Network, Database,Website Admins)

Legal Practitioners

Information Security Professionals(Hackers, Forensics Investigators)

Baby Monitor Hack Shows Weakness of Networked Cameras

Image via Flickr user Roxanne Ready
In an unbelievably creepy story out of Texas, a hacker took control of a video-enabled baby monitor to spy on and shout insults at a two-year old girl and her parents. The harrowing experience has shaken up the victimized family, and underlines just how unsafe some of these networked products really are.
Reportedly, Marc Gilbert heard a strange voice coming from his young daughter's room. Upon entering he was surprised to discover it was coming from the video camera baby monitor he and his wife used to keep an eye on their deaf child. Thankfully, her deafness meant that she missed the litany of obscenities the hacker spouted at her, Gilbert, and Gilbert's wife Lauren.
The Gilberts were using a Foscam camera setup, and had even changed the default passwords. What they didn't know was that their device had a known vulnerability, revealed back in April.
Foscam had already released a firmware patch for the camera, but that required consumers to download it themselves. Once a product is on shelves, it can be difficult if not impossible to inform consumers that they might be at risk.
We've Seen This Before
At Black Hat 2013, SecurityWatch was floored by a Tactical Network Solutions demonstration on similar cloud-enabled cameras. In fact, it was one of our top ten scariest stories from Black Hat.
During the demo, researcher Craig Heffner showed a stunned audience how they could not only feed a static image back to a camera in that famous heist movie maneuver, but use a hacked camera to attack networks. "I'm in your network, I can see you, and I'm root," said Heffner during the demo. "Not a bad position! I have root-level control of a Linux-based machine inside your network."
The really scary part? Security problems on cloud cameras aren't just limited to Foscam or even the ones Heffner used in his demonstration. When asked which cameras were susceptible to such attacks, Heffner quipped that he'd yet to find a camera he couldn't hack.
How to Stay Safe
This is tricky because as Heffner demonstrated, the technology used to secure these cameras is full of holes. Gilbert seems to have done more than most users and changed the default password—a surprisingly frequent avenue for attack.
The best advice we can offer is to carefully evaluate whether or not you really need networked cameras. Having the devices online is certainly convenient because you can check on them from anywhere, but it also leaves them wide open for attack. If cameras are a must-have in your home or office, consider closed-circuit models or ones that aren't exposed to outward-facing network connections.
Also, look to see if the camera has any firmware updates. Remember, the company might not always tell you when they push out such patches, no matter how critical they might be.
As we hurtle toward the brave new world of the Internet of Things, where everything from pacemakers to telephones are connected to the Web, stories like this are a sobering reminder that a digital life needs to include digital security.

New York Post and SocialFlow are latest victims of Twitter hackers

The New York Post has become the latest victim of a prolific hacking campaign targeting the social media accounts of worldwide media outlets – and SocialFlow, a social media company used by the Post and other media outlets, has also fallen victim.
The Syrian Electronic Army claimed responsibility for the attack – which compromised the newspaper’s official Facebook and Twitter accounts, as well as accounts for individual journalists, according to reports in Computing and elsewhere.
Sports writer Mike Puma’s account was used to post the message, “Syrian Electronic Army was here” and a link to the group’s own Twitter profile.
Posts on the official site for the hacktivist group showed off posts on the hacked acccounts, and that the group had also hacked SocialFlow, a social media platform used by the New York Post. “The Syrian Electronic Army hacked today “Social Flow” company website/accounts. SocialFlow is a social media optimization platform for leading brands and publishers. All of AlJazeera, WashingtonPost, New York Post and many media organizations uses Social Flow,” the group said in a statement on its official site.
A post saying, “Syrian Electronic Army was here,” appeared on the company’s official Twitter feed.
“Today an employee’s email account was compromised in a phishing attack,” SocialFlow said in a statement. “As a result, our Twitter and FB accounts were compromised. No customer access or data was compromised in this attack. As part of our security controls, we immediately took our service offline.”
The group has claimed responsibility for a series of high-profile hacks against media organizations and messaging apps over the past few months, with hacks targeting the Thomson Reuters, the Financial Times, CBS and chat apps such as Tango and Viber.
Previous attacks have compromised blog pages and app pages on Google Play, as well as leaking customer information and compromising official corporate Twitter feeds. In the wake of attacks earlier this year, Twitter sent out an email to media groups saying, “We believe that these attacks will continue, and that news and media organizations will continue to be high value targets to hackers.”

“Constant attack from malicious apps”: Facebook purge goes wrong

An outage which affected Facebook apps and developer accounts this week was caused by over-zealous attempts to disable malicious apps, the social network has admitted. The outage, which locked app developers out of their accounts, was caused by an attempted “purge” of malicious apps.
Facebook’s  Eugene Zarakhovsky admitted in a blog post that the outage was due to an attempt to find and disable malicious apps, saying, “The Facebook Platform and our users are constantly under attack from malicious apps and we have many automated systems to protect the platform and our users. Occasionally we detect an attack that requires us to augment those automated systems. Specifically, we identify a malicious pattern, find all the apps that match that pattern, and then disable those apps.”
“ We started with a broad pattern that correctly matched many thousands of malicious apps but, unfortunately, also matched many of your high quality apps,” Zarakhovsky said. “When we detected this error, we immediately stopped the process and began work to restore access. The process took longer than expected because of the number of apps affected and bugs related to the restoration of app metadata.”
Developers had complained about the outage on the Hacker News forums.  Facebook employees joined the discussion to reassure developers – technology news siteAllthingsD points out in its report that Facebook has attempted to court third-party developers this year.
“We have systems that block spammy apps that are 99.9% of the time really incredibly sophisticated and get a ~0% false positive rate. This is a case of the 0.1%. :( Folks here are scrambling to undo this,” an employee wrote.
Zarakhovsky said, “We will create better tools to detect overly broad patterns and put in place better processes to verify that all apps matched are indeed malicious.”
One commenter on Hacker News said, “Now if only they would disable user accounts, the world would be a better place.”

Justin Bieber’s AMAZING diet: Five social posts you should never click

Most of us have faced cyber attacks sent by our best friends – Facebook “offers” they’ve clicked by accident, spamming everyone on their friends list, or Twitter stories they’ve shared without checking.
Social networks are fertile ground for cybercriminals – and with big news stories driving surges of thousands of posts per minute, it can be difficult to spot which ones carry malware and scams.
ESET Security Evangelist Stephen Cobb says, “Can we trust our friends not to make questionable decisions on social media? Apparently not, because our friends might actually be scammers in disguise, or just not well-informed.”
Cobb offers a detailed guide to spotting scams and hoaxes here.
ESET’s Social Media Scanner offers a quick, free way to check out if that news story on Facebook is true – or a scam. It never hurts to be cautious, though – and here are five classic scammy and spammy posts you should NEVER click.
The “one-fact story” where people share without reading
Twitter’s text-only format lends itself to attacks where outrageous headlines are used to lure unwary users to share stories – without reading them. Celebrity news service E! News’s Twitter account to fall victim to hackers this year, with a series of false Tweets that began with a claim that Justin Bieber was gay.The Tweet, which said, “Breaking! Exclusive: Justin Bieber to E! online ‘I’m a gay’”, was retweeted 1,200 times. It is often safer to Google the subject of a link or type a website’s main URL into a browser instead of clicking the link.

The one where your friend breaks a global news story

If you see a news story pop in your feed, but only once, be suspicious. Big news usually spreads quickly, with multiple stories, spread by different friends and different sources. Facebook and Twitter malware often spreads as outrageous news stories – “World War II breaks out” was used a couple of years ago – usually directing people to upgrade their video software, thus downloading malware. Be suspicious of any out-there news story sharing on Facebook. Go outside Facebook, Google and check it – and if possible, don’t click, and don’t share.
The one which begs you for “Likes”
“Like” this post to get a freebie – or to help someone collect a million “Likes”? Any page that begs you for “Likes” should be treated with suspicion. Scammers use viral pages to build up hundreds of thousands of likes, then sell the pages on to other companies. Your “Likes” also remain visible forever – and could serve adverts to your friends. Any pages you have “Liked” are also now searchable in Facebook’s new Graph Search. Visit your Activity Log and make sure you haven’t “Liked” any companies, products or sites you wouldn’t want the world to know about.
Any post – on any network – which mentions diets
Scammers often hawk diets that offer “amazing weight loss” – so the mere mention of the word “diet” should make you nervous. Instagram saw one of its first large scale spam attacks this summer – pictures of fruit began showing up in users’ feeds, linking to a fake BBC news page headlined, ““Tropical Fruit Burns 17 Pounds in 22 Days. Exclusive Offer for Readers.” The images linked to a bogus page, disguised by URL shortening service
 The news outlet you’ve never heard of
At the peak of the frenzy surrounding the birth of the Royal baby,  23,500 tweets mentioning the news were sent per minute. Cybercriminals know this, and send out bogus news links to blend in with the flurry of “real” news. Have you heard of the news outlet? Is there something suspicious about the story? Don’t click the link – Google the story instead, or go to a site you trust.
The friend who sends you a gift card
These can actually look quite tempting when they arrive shared by a friend – but they’re usually scams.  “Gift cards” offering amazing freebies are a staple scam – and have been seen recently on picture-sharing networks such as Pinterest, where a stage of getting that “free gift” is, inevitably, to share the post to all your friends. The “gifts” don’t exist – instead, you’ll either end up handing over personal details, or worse, downloading malware.

CNN, Time and Washington Post websites hit by Syrian Electronic Army

Browser address bar with mouse cursor
Hacktivists from the notorious Syrian Electronic Army have targeted CNN, Time and The Washington Post, forcing their websites to redirect to its own page after a phishing attack.
Businesses have again been warned to be on their guard against this simple but effective attack method as it continues to catch out firms of all sizes.
It is unclear when the attack began and at the time of publishing none of the news outlets had responded to V3's request for comment on the attack, although the affected sites had returned to normal. Sophos security researcher, Chester Wisniewski, said the hacktivists managed to wrest control of the sites from the admins using a basic phishing attack.
"Almost always it boils down to the same basic principle. Human frailness. Phishing. Trickery. Lying. Deceit. This time it appears they were able to gain control of the administration panel of content recommendation service Outbrain," he wrote in a blog post.
"Once they were in they were able to plant code to redirect visitors of CNN, Time and The Washington Post to their own website. It is not clear whether they had full administrative control of Outbrain or whether they were simply able to compromise the logins of the three victim institutions."
The Syrian Electronic Army is a prolific hacktivist group that has targeted numerous media outlets and companies with similar attacks. Other key victims this week include SocialFlow and The New York Post. Imperva senior security strategist, Barry Shteiman, said the attacks' basic and uniform nature means companies could easily prepare and protect against them if they implemented even basic information-sharing measures.
"What is interesting with this trend of hacktivists going for the same group of targets is that there are most likely similarities in attack patterns and techniques and even attack sources. There is also a great chance that some of the targets use the same kind of platforms to present their website, so the target becomes similar as well. The reason it is so interesting, is because there is a crowd-sourced approach to solve this problem - sharing attack data between companies," he said.
"Media websites should see themselves as any other website that is trying to keep their website secured, by implementing web protections such as a web application firewall to defend the web applications themselves, alongside DDoS protection to defend against a potential (and likely) flood."
A lack of information sharing about cyber attacks between companies has been a growing concern for many governments.
In the UK, the government has implemented numerous initiatives designed to increase information sharing between the public and private sector as part of its ongoing Cyber Strategy. The largest of these is the Cyber Security Information Sharing Partnership (CISP), which launched in March.

PRISM: Businesses must rethink reliance on Gmail and Outlook due to privacy concerns

Businesses need to radically rethink their reliance on communications systems such as Gmail and Outlook to avoid falling victim to intelligence agencies' snooping, according to ex-Navy Seal and Silent Circle chief executive Mike Janke.
Janke said campaigns such as PRISM were only able to function because of the way businesses store data, adding that there are measures companies could and should take to protect themselves.
"We know that the capabilities of the current internet infrastructure mean the world's intelligence agencies no longer try to do brute force decryption. We know crypto works, which is why intelligence agencies have gone away from trying to collect encrypted data and decrypt it," he said.
"The latest numbers coming out of the Defense Advanced Research Projects Agency (DARPA) suggest it would take all of the world's supercomputers about 100 years to decrypt a single message. It's just not practical for them to try and decrypt things. The new target is metadata as it can tell them so much more. We want the rest of the world to understand simply because things are convenient like email, even if its encrypted, that it's not really secure because of the metadata."

The Silent Circle chief listed the misguided approach as a key reason many other intelligence agencies are likely to have similar schemes or have aided the US agency, listing it a key reason Silent Circle stopped running its Secure Mail service.
"The issue is that many government and intelligence agencies around the world are doing this and nobody knows because they're using secret courts to enact their powers, so the public never sees them," he said.
"We know how they work and we felt in danger from many, many countries and many security agencies. That's why we had to do scorched earth, there was no way around it."
He added that the way intelligence agencies operate means operations such as PRISM will continue to run until governments tell them to stop. "I know the NSA and GCHQ have a mission, an important one, I want them to protect citizens but since 9/11 they've gone too far. But, it's not necessarily their fault, they do what they do and if they're given an inch they'll take it. If they're given a mile, legislatively, they'll take that mile," he said.
"They will go to whatever extremes are allowed in the letter of the law when doing their job, so if they're allowed to collect all the world's data, they will. It's up to government and legislators to put controls and measures in place. In America and Europe we have the ability to control that. We have to educate the world about what's going on, about how much of people's privacy is gone, which is most of it, and actually have a calm conversation with governments to try and get it back."
Janke's comments come just after tech company Google argued Gmail users should not expect privacy, during a court case with US rights group Consumer Watchdog.
PRISM is a notorious data-collection campaign run by the NSA. It is believed to have siphoned vast amounts of data from numerous technology companies, including Microsoft, Google, Yahoo, Apple and Facebook. The NSA claims, however, that its agents only saw 0.00004 percent of the world's web traffic while conducting their PRISM missions.

Microsoft pulls critical Exchange Server 2013 security patch

Microsoft has pulled a critical security update for its Exchange Server, following reports it blocked users from searching the email inbox.
Microsoft's director of Test Ross Smith revealed the recall in a blog post, confirming that the patch will be re-released once the search issue is resolved.
"Late last night we became aware of an issue with MS13-061 security update for Exchange Server 2013. Specifically, after the installation of the security update, the Content Index for mailbox databases shows as Failed and the Microsoft Exchange Search Host Controller service is renamed," he wrote. "Due to this issue and that it affects all Mailbox server installations, we have decided to pull the MS13-061 security update temporarily."
Smith said the issue does not affect Exchange 2010 or Exchange 2007 and Microsoft has already released a workaround for businesses that have already installed the update. "If you have already installed MS13-061 security update on your Exchange 2013 servers, we recommend following the steps in KB 2879739 to resolve the issue," he wrote.
He added that those who have not installed the update should use a workaround to plug the security flaw. "If you have not installed MS13-061 security update on your Exchange 2013 servers, we recommend not proceeding with the update at this time," he wrote.
"To mitigate the security vulnerability, we recommend following the workaround steps identified in the 'Vulnerability Information – Oracle Outside In Contains Multiple Exploitable Vulnerabilities' section in Microsoft Security Bulletin MS13-061."
The security patch was released on Tuesday alongside other critical fixes for vulnerabilities in Microsoft's Internet Explorer and Unicode Scripts Processor services. Commentators in the security community have listed the recall as a semi-serious issue. Director of security research at Trustwave, Ziv Mador, said the nature of the vulnerability means hackers will inevitably try to take advantage of the delay, calling for businesses to use the workaround.
"Seeing as this is a critical update and that could result in remote code execution and that the patch has already been made available, even if for a short time, you have to assume that the bad guys are actively working on exploit code for this issue," he said.
"Microsoft thankfully included a workaround in the original Security Bulletin for this problem, which could help mitigate things until Microsoft can reissue the patch. It involves issuing some PowerShell commands on the server, which are detailed in the Security Bulletin."

Google says Gmail users should 'not expect privacy'

Gmail logo
Google has said users of its hugely popular Gmail services should not expect privacy when using the tool, in a frank admission that it scans the contents of emails to provide relevant adverts.
The firm made the claim in a court filing in a case against US rights group Consumer Watchdog, with its counsel arguing that having emails read by the firm is not that big of a deal.
“Just as a sender of a letter to a business colleague cannot be surprised that the recipient’s assistant opens the letter, people who use web-based email today cannot be surprised if their emails are processed by the recipient’s [email provider] in the course of delivery,” Google said in the filing.
“Indeed, ‘a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties.’”
Consumer Watchdog called the admission in the filing “stunning”, and privacy project director John Simpson said it perfectly underlined the search giant's attitude towards users.
“Google has finally admitted they don’t respect privacy,” he said. “People should take them at their word; if you care about your email correspondents’ privacy don’t use Gmail.”
Simpson went on to deliver a blistering attack on Google for its "wrong-headed analogy" too. "Sending an email is like giving a letter to the Post Office. I expect the Post Office to deliver the letter based on the address written on the envelope," he said.
"I don’t expect the mail carrier to open my letter and read it. Similarly when I send an email, I expect it to be delivered to the intended recipient with a Gmail account based on the email address; why would I expect its content will be intercepted by Google and read?”
However, Google argued in a statement that claims it does not take privacy seriously are untrue. “We take our users’ privacy and security very seriously; recent reports claiming otherwise are simply untrue. We have built industry-leading security and privacy features into Gmail – and no matter who sends an email to a Gmail user, those protections apply," it said.
Google has come under fire for scanning emails from its rivals, with Microsoft hitting out at the firm for its practices as part of its Scroogled advertising campaign. Despite the issue Google remains the most popular web email service, with over 425 million users.

IBM buys Trusteer to bolster anti-hacker arsenal

IBM logo
IBM has acquired security firm Trusteer, promising to use the company's anti-hacker technology to bolster customers' cyber defenses.
The tech giant confirmed it has signed a definitive agreement with Trusteer, which will see IBM take control of the security firm and its advanced financial fraud and security threat protection portfolio.
IBM will also set up a new cyber security software lab in Israel, run by 200 Trusteer and IBM researchers. This will focus on creating new mobile and application security, advanced threat, malware, counter-fraud and financial crime-protection technologies.
General manager of the Security Systems division at IBM Brendan Hannigan said the combined arsenal of Trusteer's various tools and IBM's existing defense services will offer end-to-end cyber security for customers.
"Trusteer's expertise and superior technology in enterprise endpoint defense and advanced malware prevention will help our clients across all industries address the constantly evolving threats they are facing," he said.
"Together with IBM's capabilities in advanced threat detection, analysis and remediation, we will now be able to offer our clients several additional layers of defence against sophisticated attackers."
Trusteer CEO Mickey Boodaei added that the centre is an essential step in the companies' ongoing bid to keep pace with blackhat hackers, who are constantly developing new, more sophisticated ways to target companies. "The way organisations protect data is quickly evolving," he said.
"As attacks become more sophisticated, traditional approaches to securing enterprise and mobile data are no longer valid. Trusteer has helped hundreds of large banks and organisations around the world defeat thousands of sophisticated attacks using innovative solutions that combine intelligence, cloud, mobile and desktop technologies."
The financial terms of the deal remain unknown. IBM declined V3's request for comment on how much it paid for Trusteer.
Trusteer has a strong track record of protecting banks and financial services. The company hit the headlines in August, when reports broke that criminals are exploiting a vulnerability in its Rapport browser-lockdown technology that is used by leading banks such as HSBC and NatWest. Trusteer has consistently denied the reports.

Android SecureRandom Bitcoin wallet vulnerability could be used to hack more than 300,000 apps

Bitcoin 3D logo
A flaw in Google Android's cryptographic protocols is leaving as many as 360,000 applications open to attack, Symantec claims.
The security firm announced the figure in a blog post, claiming that the vulnerability, announced by Bitcoin earlier this week, may have wider implications.
"Certain Bitcoin wallet applications using Android's SecureRandom signed multiple transactions using an identical ‘random' number. Since transactions are public on the Bitcoin network, attackers scanned the transaction block chain looking for these particular transactions to retrieve the private key and transfer funds from the Bitcoin wallet without the owner's consent," read the Symantec blog post.
"Other Android apps may be vulnerable to similar attacks depending on how they implement SecureRandom. Looking at Norton Mobile Insight data, we have found over 360,000 applications that make use of SecureRandom and over 320,000 of them use SecureRandom in the same way the Bitcoin wallets did."
The vulnerability was disclosed by Bitcoin at the start of the week. It was first thought to only affect payment services like Bitcoin Wallet, BitcoinSpinner, Mycelium Wallet and Symantec has since disclosed further details about the flaw, confirming it relates to the SecureRandom protocols used to authenticate the users identity.
"Bitcoin uses the ECDSA [Elliptic Curve Digital Signature Algorithm] to ensure that funds can only be spent by their rightful owners. The algorithm requires a random number to compute an ECDSA signature, but if two different messages are signed with the same private key and the same random number, the private key can be derived," read the blog post.
"This is a known method of attacking the algorithm and was previously used to break the security of other products, such as the PlayStation 3 master key."
The Symantec researchers confirmed the vulberability should not affect new versions of Android, but said developers should remain extra cautious about their application security. "Android versions from 4.2 (Jelly Bean) and on may not be affected by these specific flaws since SecureRandom was reimplemented," read the post.

"We strongly advise users of Android Bitcoin wallet apps to check whether their applications are affected, and to follow the steps outlined by to make their funds safe. We would also like to advise Android developers to stay tuned and review their cryptographic implementations based on SecureRandom and evaluate whether this could pose a security risk."
Bitcoins are a digital currency designed to allow semi-anonymous online transactions to be made. The currency's semi-anonymous nature has proven a hit with many criminal cartels, which use it as a means to hamper law enforcement's ability to track them. Most recently Webroot reported that several black markets have begun taking Bitcoin payments.

Microsoft accuses Google of trying to sabotage Windows Phone

Microsoft has accused Google of deliberately keeping YouTube off Windows Phone in an attempt to damage the brand.
After being blocked three months ago, Microsoft this week re-launched a YouTube app for Windows Phone, only to have it blocked again after just one day online.
Microsoft deputy general counsel David Howard wrote in a blog post that Google doesn't want Windows Phone users to have the same experience as Android and Apple users.
"Google's reasons for blocking our app are manufactured so that we can't give our users the same experience Android and iPhone users are getting," wrote Howard. "The roadblocks Google has set up are impossible to overcome, and they know it."
YouTube has never made its own smartphone app for Windows Phone, despite offering apps for Google's own Android operating system and rival Apple iOS.
Microsoft created its own YouTube app for Windows Phone three moths ago, but it was soon blocked by Google, which owns YouTube, on the grounds that it did not allow ads - which Google profits from - and that it allowed videos to be downloaded. Microsoft has a competing advertising business.
After fixing these issues, Microsoft this week released a revamped YouTube app for Windows Phone, but it was again blocked by Google as it still did not comply with its requirements due to the fact that it wasn't written in HTML 5.
"We've been working with Microsoft to build a fully featured YouTube for Windows Phone app, based on HTML5. Unfortunately, Microsoft has not made the browser upgrades necessary to enable a fully-featured YouTube experience, and has instead re-released a YouTube app that violates our Terms of Service," YouTube said in a statement. "It has been disabled."
In his blog post, Howard said "building a YouTube app based on HTML5 would be technically difficult and time consuming", and pointed out the fact that Google doesn't use it for its own iOS and Android YouTube apps.
Windows Phone users can still use their web browser to access
Howard said Microsoft was still happy to work with Google to resolve the issue, but for now "their objections are nothing other than excuses".

CIA acknowledges Area 51 in declassified documents

THE CIA is acknowledging the existence of Area 51 for the first time in newly declassified documents.
George Washington University's National Security Archive obtained a CIA history of the U-2 spy plane program through a public records request and released it Thursday.
National Security Archive senior fellow Jeffrey Richelson reviewed the history in 2002, but all mentions of Area 51 had been redacted.
Richelson says he requested the history again in 2005 and received a version a few weeks ago with mentions of Area 51 restored.
Officials have already acknowledged in passing the existence of the facility in central Nevada where the government is believed to test intelligence tools and weapons.
Richelson believes the new document shows the CIA is becoming less secretive about Area 51's existence, if not about what goes on there.
Australia has its own secretive spy base, too.
Pine Gap near Alice Springs is Australia's most secretive location, run by both Australia and US.
In July, it was revealed that Pine Gap may have been responsible for US drone strikes in Pakistan.