pastebin.com published the logins from this site, about 10K in total
the passwords themselves are somewhat encrypted, although if they aren't strongly encrypted, I wouldn't count on that to last long
the first list can be found here
but the first 5000 have been deleted by pastebin
but they will have been downloaded and they will have been used or abused
if you use gamereplays.org and you use the same password for other purposes, you should change your password everywhere just to be sure
or just use a totally different password for your important social and financial services
or financial services should abandon passwords as authentication
double authentication is the least you should do
This article describes how the cholera virus defends itself against antibiotics and our immune system so it can spread more easily in the human body. Millions are infected each year (Haiti being the most recent well-known case)
even more important is to know how we can move on from here and find a better defense :
"Now that Trent and his colleagues understand the mechanism behind this resistance, they hope to use that knowledge to help develop antibiotics that can disable the defense, perhaps by preventing the cholera bacteria from hardening their armor. If that happened, our CAMPs could do the rest of the work.
Trent says the benefits of such an antibiotic would be considerable. It might be effective against not just cholera but a range of dangerous bacteria that use similar defenses. Because it disarms but does not kill the bacteria outright, as traditional antibiotics do, it might take longer for the bacteria to mutate and evolve resistance in response to it.
“If we can go directly at these amino acids that it uses to protect against us, and then allow our own innate immune system to kill the bug, there could be less selection pressure,” he says."
and in fact this isn't different from the different methods that computer viruses use to stay undetected or to infect a system better
the research afterwards is not very different from that on a computer virus either: once you have identified the core defensive methods, you can start researching how to disable them and attack the core of the virus
okay, it should be adapted to each country and probably each sector
and yes, it is based upon best practices and not on all the standards and all the case law that is available
but it is still a best effort that can help firms with few resources to get at least some kind of policy that can be signed by all their employees, so they will at least know that they are part of the security solution (or problem)
important story about exchanging information in a new US attack-information system for enterprises
The release notes that in addition to receiving information about attacks and responses at other organizations, members will receive quick reports on malware samples they submit. Based on what they have learned from the malware repository and by reverse-engineering malicious code, GTRI researchers will be able to provide information on the potential harm from an attack, the likely source, the best remedy for it and the risks to the organization
this is important for finding the dedicated attacks and their resources, and it is also very important that researchers afterwards have all the time they need to analyse and follow up on the attacks and the results, because this is the only way that such dedicated, under-the-radar attacks get noticed
normally your IT security product also has such an option, so that you send your attack information anonymously to them
another very important project is from the Internet Storm Center ISC.org, which is by the way already integrated as an option in firewalls from Checkpoint for example
an interesting story about an outside consultant caught copying some very interesting code....
The code, called the Government-wide Accounting and Reporting Program, was developed to help track the billions of dollars the U.S. government transfers daily. The program provides federal agencies with a statement of their account balance, the court documents said.
Zhang was hired as a contract employee in May 2011 by an unnamed technology consulting company used by the New York Fed to work on its computers, court documents said.
it poses three questions
1. how is it possible that you can copy this kind of code to an external hard disk (data leakage prevention)
2. what are the security background checks for people or consultants who work with this kind of code
3. does anyone imagine what one could do with this kind of code - it looks like a Die Hard 4 thriller. Just imagine that you put a time bomb in it so it would slow down from a certain date or just crash......
There is a big story about compromised chips that have a hardware backdoor in them and that are used in thousands of military and critical installations. The story is no hype and it is not new, but it is one of the most important discoveries and it can have an important impact if it is played out in a certain way.
It was discovered through persistent work by security researchers.
The backdoor is built in and cannot be removed; one has to remove the chip.
The chip is present in thousands of installations.
Things to do
Cut any networked internet access to any of your machines that have these chips.
If you don't want any Stuxnet-type incident, only your own hardened portables should be used to access those machines, and someone from your own IT security department should be present when someone accesses them.
Why is this important
A few years ago there was another big story, because the NSA thought that it had discovered routers that were backdoored by the Chinese - so the story goes - enabling them to intercept anything that passed through. The US military and security organisations have also worked together with Microsoft and several other American hardware vendors on initiatives for secure and trusted hardware. Nothing is secure if not everything is secure (and hardware security is becoming even more important as our code and network security get better). This effectively proves their point.
But the military and security agencies, as public agencies, have also been subject to the national laws on opening their purchases to international firms or to products that were not produced entirely in the US, and sometimes the price of the offer was much more important than the other guarantees that had to be given. The military and those agencies (and probably critical infrastructure) made some savings, but in the long run they lost control over the products and the maintenance guarantees. Voices in those circles have long been asking for specific exceptions for specific hardware and software that have to be bought by those institutions and infrastructure.
At the same time, economists and politicians in Europe and the US are debating fiercely for a re-industrialisation of their continents, instead of importing nearly everything from China and other countries. As the chips were delivered by an American firm but produced in Taiwan to be repackaged in China, Vietnam and Korea, the argument goes that if those chips had been produced in the US under special protection, this would probably not have happened (that easily).
So if the military-industrial complex, the IT security industry, the hardware industry and the re-industrialisationists would find each other in this battle to have our own router, chip and IT infrastructure industry in Europe and the US, with very strict security and quality rules, and from which the critical infrastructure would be obliged to buy its equipment (which would cost more than the cheap Chinese-produced material, but that has been proven to be 'backdoored' and so 'totally unsafe to use'), this would open a whole new set of opportunities.
Dr-AnGeL Ownz U
Kazakhstan Embassy Get Down
Yuuum yuuum ! it was delicious …
Againts governments corruptions !!
your security.. get down
Contact us : FQ9@HotMaiL.Fr
Land of liberty, home of the brave..
GreetZ 2 : HCJ , LatinHackTeam , 4cHrf , FedeRal , Mr.H4rd3n
still online : http://www.kazakhstanembassy.be/
although scribd is cleaning up stuff and making searching for free stuff harder every month (you get more and more only paid books in the search results even when you only want to look for the free stuff)
here is the list of 200 recently uploaded books at scribd
web development, terrorism, security, funny things and so on
I am not giving any guarantee that those books won't disappear fast
and I don't hold their copyrights, I am only giving a link
so we all have seen the propaganda machine pulling an all-nighter to get it into every media outlet (with as little research and analysis as possible) to scare the hell out of you
massive infection of computers : looking at the numbers we are talking about a few hundred at the most
in the Middle East : no, this isn't an anti-Arab conspiracy, because computers in Israel were infected as well
for 5 years : this shows why you shouldn't keep computers for 5 years in secret and important environments, 3 years at the latest, each time a new OS comes out you throw all the old stuff out (well, the hard disks and cards are burned of course)
for the rest it shows that these networks - although they were presented as being very secretive and very important - were infected with viruses that were so capable that they probably bypassed all firewalls and IDS and all the other stuff you should have on those networks sniffing and analyzing those data packets
pff, I don't think so
because if those firewalls were really professional firewalls for high security environments and if they really had installed Snort and other analyzers on the networks (or that part of the network), all the kinds of upgrades they are talking about shouldn't have happened (security is first of all blocking things)
it also shows the importance of having really total control over your machine and your network in the most totalitarian way possible - just as you should with a rocket, a weapon or a nuclear facility
so let's fuck the other blog that only has 20 visits a day while I posted a lot of things :)
and as I am back on my feet and in my head again
let's hit it
and now you will know - i can sometimes be out for some time
so just be patient