• new (also Belgian) massive data leak of gamers' logins : gamereplays.org

    the logins from this site were published on pastebin.com, about 10K in total

    the passwords themselves are somewhat encrypted, although if they aren't really strongly encrypted, I wouldn't count on that to last long

    the first list can be found here

    http://pastebin.com/HM8isKLt

    but the first 5000 have been deleted by pastebin

    but they will have been downloaded and they will have been used or abused

    if you use gamereplays.org and you use the same password for other purposes, you should change your password everywhere just to be sure

    or just use a totally different password for your important social and financial services

    or financial services should abandon passwords as authentication

    two-factor authentication is the least you should do

  • a cholera virus defends itself like a computer virus

    This article describes how the cholera virus defends itself against antibiotics and our immune system so it can spread more easily in the human body. Millions are infected each year (Haiti being the latest well-known case)

    even more important is knowing how we can move on from here and find a better defense :

    "Now that Trent and his colleagues understand the mechanism behind this resistance, they hope to use that knowledge to help develop antibiotics that can disable the defense, perhaps by preventing the cholera bacteria from hardening their armor. If that happened, our CAMPs could do the rest of the work.

     

    Trent says the benefits of such an antibiotic would be considerable. It might be effective against not just cholera but a range of dangerous bacteria that use similar defenses. Because it disarms but does not kill the bacteria outright, as traditional antibiotics do, it might take longer for the bacteria to mutate and evolve resistance in response to it.

     

    “If we can go directly at these amino acids that it uses to protect against us, and then allow our own innate immune system to kill the bug, there could be less selection pressure,” he says.
    http://www.homelandsecuritynewswire.com/dr20120530-a-50year-cholera-mystery-solved

    and in fact this isn't different from the various methods that computer viruses use to stay undetected or to infect a system more effectively

    the research afterwards is not very different for a computer virus either: once you have identified the core defensive methods you can start researching how to disable them and attack the core of the virus

  • the US cyberplanner : an inspiration for all of us (working with firms)

    okay, it should be adapted to each country and probably each sector

    and yes, it is based upon best practices and not on all the standards and all the case law that is available

    but it is still a best effort that can help firms with few resources to get at least some kind of policy that can be signed by all their employees, so they will at least know that they are part of the security solution (or problem)

    http://www.fcc.gov/cyberplanner

  • US enterprises sharing information about targeted attacks to learn from them together

    important story about exchanging information in a new US attack-information system for enterprises

    The release notes that in addition to receiving information about attacks and responses at other organizations, members will receive quick reports on malware samples they submit. Based on what they have learned from the malware repository and by reverse-engineering malicious code, GTRI researchers will be able to provide information on the potential harm from an attack, the likely source, the best remedy for it and the risks to the organization

    http://www.homelandsecuritynewswire.com/dr20120529-malware-intelligence-system-allow-organizations-to-share-threat-information

    this is important for finding targeted attacks and their resources, and it is also very important that researchers afterwards have all the time they need to analyse and follow up on the attacks and the results, because this is the only way that such targeted, under-the-radar attacks get noticed

    normally your IT security product also has such an option, where you send your attack information to the vendor anonymously

    another very important project is from the Internet Storm Center ISC.org, which is by the way already integrated as an option in firewalls from Check Point for example

  • it doesn't hurt to be more paranoid when consultants are copying very important code

    an interesting story about an outside consultant caught copying some very interesting code....

     

    The code, called the Government-wide Accounting and Reporting Program, was developed to help track the billions of dollars the U.S. government transfers daily. The program provides federal agencies with a statement of their account balance, the court documents said.

    Zhang was hired as a contract employee in May 2011 by an unnamed technology consulting company used by the New York Fed to work on its computers, court documents said.

    http://www.chicagotribune.com/news/sns-rt-us-usa-crime-fedbre84s13w-20120529,0,1335941.story

    it raises three questions

    1. how is it possible that you can copy this kind of code to an external hard disk (data leakage prevention)

    2. what are the security background checks for people or consultants who work with this kind of code

    3. does anyone imagine what one could do with this kind of code - looks like a Die Hard 4 thriller. Just imagine that you put a time bomb in it so it would slow down from a certain date or just crash......

  • about compromised military hardware, China and western re-industrialisation

    There is a big story about compromised chips that have a hardware backdoor in them and that are used in thousands of military and critical installations. The story is no hype and it is not new, but it is one of the most important discoveries and it can have an important impact if it is played out in a certain way.

    The paper

    https://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf

    The facts

    It was discovered through persistent research by security researchers.

    The backdoor has been installed and cannot be removed; one has to remove the chip.

    The chip is present in thousands of installations.

    Things to do

    Cut any networked internet access to any of your machines that have these chips.

    If you don't want any Stuxnet-type incident, only your own hardened portables should be used to access those machines, and someone from your own IT security department should be present when someone accesses them

    Why is this important

    A few years ago there was another big story because the NSA thought that it had discovered routers that were backdoored by the Chinese - so the story goes - enabling them to intercept anything that passes through. The US military and security organisations have also worked together with Microsoft and several other American hardware vendors on initiatives about secure and trusted hardware. Nothing is secure if not everything is secure (and hardware security is becoming even more important as our code and network security get better). This effectively proves their point.

    But the military and security agencies, as public agencies, have also been subject to the national laws about opening their purchases to international firms or to products that were not produced totally in the US, and sometimes the price of the offer was much more important than the other guarantees that had to be given. The military and those agencies (and probably critical infrastructure) made some savings, but in the long run they lost control over the products and the maintenance guarantees. Voices in those circles have long been asking for specific exceptions for specific hardware and software that have to be bought by those institutions and infrastructure.

    At the same time, economists and politicians in Europe and the US are debating fiercely for a re-industrialisation of their continents instead of importing nearly everything from China and other countries. As the chips were delivered by an American firm but produced in Taiwan to be repackaged in China, Vietnam and Korea, the argument goes that if those chips had been produced in the US under special protection this would probably not have happened (that easily).

    So if the military-industrial complex, the IT security industry, the hardware industry and the re-industrialisationists found each other in this battle to have our own router, chip and IT infrastructure industry in Europe and the US, with very strict security and quality rules, and from which critical infrastructure would be obliged to buy its equipment (which would cost more than the cheap Chinese-produced material, but that material has been proven to be 'backdoored' and so 'totally unsafe to use'), this would open a whole new set of opportunities.

  • Belgian website of the Kazakhstan embassy hacked

    Dr-AnGeL Ownz U

    Kazakhstan Embassy Get Down

    Yuuum yuuum ! it was delicious …

    Againts governments corruptions !!

    your security.. get down


    Contact us : FQ9@HotMaiL.Fr

    Land of liberty, home of the brave..

    GreetZ 2 : HCJ , LatinHackTeam , 4cHrf , FedeRal , Mr.H4rd3n

     

    still online : http://www.kazakhstanembassy.be/

  • 200 recent books at scribd to download - different subjects

    although scribd is cleaning up stuff and making searching for free stuff harder every month (more and more you get only paid books in the search results, even when you only want to look for the free stuff)

    here is the list of 200 recently uploaded books at scribd

    http://belsec.skynetblogs.be/200-books-at-scribd-com-to-download.html

    web development, terrorism, security, funny things and so on

    I am not giving any guarantee that those books won't disappear fast

    and I don't hold their copyrights, I am only giving a link

  • The flare flame virus scare

    so we have all seen the propaganda machine working an all-nighter to get it into every media outlet (with as little research and analysis as possible) to scare the hell out of you

    massive infection of computers : looking at the numbers we are talking about a few hundred at the most

    in the Middle East : no, this isn't an anti-Arab conspiracy, because computers in Israel were also infected

    for 5 years : this shows why you shouldn't keep computers for 5 years in secret and important environments, 3 years at most; each time a new OS comes out you throw all the old stuff out (well, the hard disks and cards are burned, of course)

    for the rest it shows that these networks - although they were presented as being very secretive and very important - were infected with viruses that were so capable that they probably bypassed all firewalls and IDS and all the other stuff you should have on those networks sniffing and analyzing the data packets

    pff, I don't think so

    because if those firewalls were really professional firewalls for high-security environments, and if they had really installed Snort and other analyzers on the networks (or that part of the network), all the kinds of upgrades they are talking about shouldn't have happened (security is first of all blocking things)

    it also shows the importance of having really total control over your machine and your network, in the most totalitarian way possible - just as you should with a rocket, a weapon or a nuclear facility

  • I had 20.000 visits this month and I didn't post a thing

    okay

    so let's fuck the other blog that only has 20 visits a day while I posted a lot of things :)

    and as I am back on my feet and in my head again

    MONSTER (drinks)

    let's hit it

    and now you will know - I can sometimes be out for some time

    so just be patient