• even certificates on fake police email messages may be fake

    so you received a warning to pay some police fine for downloading some things

    you think that the law is now executed very fast by email, by computers that send out the fine automatically

    you are just being duped, that is

    but there is a catch

    "Ransomware has become a major concern among users, particularly those variants that mimic law enforcement agencies like the FBI (known as police ransomware). Certain features have also been incorporated into the threat recently, such as an audio file and just now, fake digital certificates.


    We encountered two samples bearing the same fake digital signature, which Trend Micro detects as TROJ_RANSOM.DDR. According to senior threat researcher David Sancho, the digital signature’s name and its issuing provider are very suspicious. Sancho believes that the fake signature’s sole purpose is likely to elude digisig checks."

    if the digital signature and certificate business wants to survive, it will have to strengthen its internal controls and give security installations (like antispam) lists of fake certificates, to be distributed instantly

  • as feared, after the online banks, now the online European payment transfer systems are targeted by Zeus

    Zeus the superbot that will never go away because it has a big business plan

    this is the next step

    "Cyber-criminals are targeting the European SEPA payments network, according to a report from security specialist McAfee. Within the EU, SEPA transactions are uncomplicated because they make no distinction between domestic and cross-border transactions. In this case, that also benefits the online crooks who usually transfer money from the victim's account to foreign bank accounts.


    The report says the malware involved is part of "Operation High Roller" where criminals extracted large sums from business accounts. Unlike traditional online banking fraud, which uses trojans such as ZeuS and SpyEye, the crooks infect only a small number of specific specialist computers with malware in order to get at money. This reduces the risks of detection considerably. In the current case, the scam only infected about a dozen customers.


    The malware acts in a remarkably similar manner to how ZeuS and others work: after infection it inserts itself into the system's browser and waits for a user to access their bank's web site. Once there, the pest adds its own JavaScript code, called Web Injects, to perform the fraudulent withdrawals. The malware takes its instructions from a command and control server which is, McAfee says, located in Moscow. The software is hard-coded to withdraw amounts ranging between €1,000 and €100,000 depending on the balance of the account."

  • don't let the dictators cut up the internet by using the ITU for it

    Today, the European Parliament passed a resolution that condemns the upcoming attempt from the International Telecommunications Union (ITU) to assert control over the Internet, and instructed its 27 Member States to act accordingly. This follows an attempt from the ITU to assert itself as the governing body and control the Internet. The Pirate Party was one of the parties drafting the resolution.


    The resolution, which was passed with a large majority, included Members of European Parliament (MEPs) from all major party groups, and the Pirate Party’s Amelia Andersdotter had been playing a central role in its drafting, together with MEPs Marietje Schaake and Judith Sargentini from the Netherlands, Sabine Verheyen and Petra Kammerevert from Germany, Ivailo Kalfin from Bulgaria, and Catherine Trautmann from France.


    In its upcoming meeting, the ITU is expected to try to decide for itself to have the regulatory power over the Internet. Many have been crying out against this shameless power grab, now with the European Parliament – the elected legislators of the world’s largest economy – being the latest to join.

  • update Firefox again (and solve thousands of bugs and security problems)

    It's time to update alternative browser software again, with new releases of Firefox and Opera out this week. Firefox 17, released Tuesday, features improved support for social networking functions, such as Facebook Messenger, as well as new features to prevent blacklisted extensions from running without user permission. Support for Mac OS X 10.5 (Leopard), a five-year-old version of Apple's desktop operating system, has been dropped.


    On the security front, Firefox 17 boasts improved protection against drive-by download attacks, thanks to a sandbox for iFrames. The release also grapples with a large number of security flaws, around six of which are critical. The critical flaws include memory corruption and buffer overflow bugs that might lend themselves towards attacks designed to drop malware onto the systems of surfers running vulnerable software.


    The complete list of bugs resolved by Firefox 17 runs into the thousands (yes, really) but Paul Ducklin of Sophos has helpfully put together a blog post highlighting the main issues.


  • how the whole intranet of ex-president Sarkozy was hacked

    sometimes a picture says more than words


    and the only thing you need to do that is

    The vector used to spread the malware is the popular social network Facebook, the hackers shared a link to a compromised website that replicated the Elysee's intranet site, also gathering users' credentials.

    yes, a link to an infected Facebook page on the computer of a close advisor

    when will such people begin to learn

    if you are working at such a level, security has to be at the same level

    even if you have to have two of everything (phone, laptop and computer) with only secured connections between them, and even then only one-directional

  • who thought that Anonymous wouldn't hack a Russian drug site

    Anonymous is a name used by a wide and diverse variety of cyber-activists (some doing legal stuff, others less legal stuff, and that on many different fronts)

    so one faction had a quarrel with this forum, and so they hacked it and leaked everything online

    I hope that if you were an American or European user of this Russian drugs site, you didn't think that you would be safe in the Russian underground and that your cyber police departments wouldn't get your details and actions

    they will by now


    A very popular Russian drug forum community Narkop (http://www.narkop.com) has been hit by hackers who are against the site and its contents.


    The attack which has occurred around the 20th of November has left the complete database of the forum leaked which means that all 36,000 users who registered with the site.


    The attack has been claimed by anonymous hackers who have even made a website (http://antinarkop.com/) which is titled “AntiNarkop – anonymous против наркотиков” and translates to “AntiNarkop – anonymous on drugs”.


    On the website is a search feature for the leaked accounts as well as links to the complete database, members list in XLS or HTML format, forum database and other downloads from the Narkop

    The links to all the files and users is online here for all to download

  • #OP ISRAEL hacking attacks also affect Belgians

    around 1 million email accounts from Jewish and Israeli sites seem to have been leaked or hacked in the last week

    but not all the affected people are Jewish or Israeli

    they sometimes are just members of an interesting site

    and they are victims in this online hacking spree

    like for example  http://pastebin.com/dNMJ0w4c

    and a lot others on pastebin under the #OPISRAEL banner


  • Adobe connectusers.com breached and leaked

    A breach of Adobe's Connectusers.com forum database has once again exposed password security foibles, as well as website security shortcomings on Adobe's part.


    Adobe suspended the forum on Tuesday night in response to the hack, as previously reported. The software developer stressed in a statement that its Adobe Connect web conferencing service itself was not affected by the breach.


    An Egyptian hacker named "ViruS_HimA" has stepped forward to claim he hacked into "one of Adobe's servers" before extracting a database containing email addresses, password hashes and other information of over 150,000 Adobe customers, partners and employees.

    If you are a user, change your ID, and if you don't need this poorly secured service, don't use it anymore

    also change the password if you use it elsewhere, especially for your mail, eBay and so on

  • Did Anonymous stop Republican trickster Rove's plan to change the results in three states

    It was the big fear that the 2000 history would be done all over again in Florida - and it took nearly a day to have that one done, but Florida didn't count that much this time. It was again Ohio, and even with all the legal and practical tricks to prevent poor and ethnic people from voting, they didn't want to leave anything to chance.

    Karl Rove is known to be a good, dirty-handed, rude campaigner who would leave no trick unused to get the results he wants. He was very confident before the election, totally astonished afterwards and protesting on election night that Ohio (one of the three crucial states) was called too soon for Obama.

    the story from Anonymous goes like this

    "After a rather short time, we identified the digital structure of Karl’s operation and even that of his ORCA. This was an easy task in that barn doors were left open and the wind swept us inside.


    So what do we do with these doors? Do we leave them open and catch the thieves as they steal the prize? Or do we close them so they cannot steal the prize?


    Our decision-protect the citizens.


    We coded and created, what we call, The Great Oz. A targeted password protected firewall that we tested and refined over the past weeks. We place this code on more than one of the digital tunnels and their destinations that Karl’s not so smart worker bees planned to use on election night. We noticed that these tunnels were strategically placed to allow for tunnel rats[2] to race to the server sewers[3] from three different states. Ah yes, Karl tried to make it appear that there were more than three but we quickly saw the folly of his ploy.


    We watched as Karl’s little boys and girls confidently ran their tests while Karl told his barons to smoke cigars."

    so he wouldn't rig the voting machines, he would rig the local tabulators of the votes, not even the regional or other ones, he would just rig the national ones

    it means that in future you will always have to set up a second process, independent of all the numbers in the centralised computers, that counts the results on the different servers individually and separately.

  • if you don't want security researchers to become Anonymous, give them Responsible Disclosure Protection

    Auernheimer was convicted of violating the federal Computer Fraud and Abuse Act (CFAA) after he and friend David "JacksonBrowne" Spitler – part of a group calling itself Goatse Security or Goatsec — ran an automated script that "slurped" email addresses of iPad owners from an unprotected AT&T server.

    To policy and tech experts, the verdict is puzzling because Auernheimer didn't write the script or compile the data. Nor did he publish the compiled email addresses. Instead, he reported the security flaw to the media

    this is an extension that will make it even harder for security researchers to do the right thing, as most firms and countries have no responsible disclosure policies, and even if they have, these policies may not be balanced enough to protect them enough to feel safe enough to talk.

    you cannot imagine the stress that goes through your head and that of your family if you have to tell them that some big firm like Apple, a very big energy firm or some police inspector may or may not take you to court - even if you did nothing wrong and only wanted to do or write about the right thing

    and if the firms or countries don't play that role, let the CERTs take that role

  • sex and espionage, not only in James Bond

    Undercover UK police officers had long-term sexual relationships with political activists and joined them at family gatherings and on holidays to make their targets "emotionally dependent" on them, according to papers submitted to the high court.

    The allegations were revealed at the start of a legal attempt by the Metropolitan police to have the claims heard in secret.

    Ten women and one man have launched a legal action claiming they were conned into forming "deeply personal" relationships with the police spies.

    The case is the first civil action to be brought before a court since the Guardian revealed police officers frequently slept with political campaigners as part of a spy operation over four decades.

    Lawyers for the police are applying to have the cases struck out of the high court and moved to a little-known tribunal that usually deals with complaints about MI5

  • Greek hacker wanted to sell 9 million full ID info of Greeks

    The 35-year old computer programmer was also suspected of attempting to sell the 9 million files containing identification card data, addresses, tax ID numbers and licence plate numbers. Some files contained duplicate entries, police said.


    Greece's population is 11 million.

    Belgian population is 11 million

    impossible here ?

  • Gaza : the first airborne drone war : drones as advance airplanes

    Drones overhead were buzzing in the background, completely non-stop. They are very annoying at first, but then you sort of get used to it and it becomes a bit unusual when they're not there.


    Bombing here usually occurs on two phases. First, a drone fires a rocket, which is sort of a sign for owners to leave. Ten minutes later, an Israeli F-16 comes swooping over and blows up the whole place.

  • Gaza : the most important attacks were not where the cameras were

    She said the UN was, however, calling for international humanitarian efforts for Gaza, of which construction material, which had been severely lacking previously as well, was now in even more need. She said they were hearing that almost all the tunnels into the strip, which had previously been used to transport the material into the strip, had been destroyed by the Israeli missiles onto the strip.

    so this may explain a lot

    you read that the Israelis had x hundred attacks a day during the few days of attacks

    but on tv you only saw now and then a building exploding or burning

    and you ask yourself where were those hundreds of other bombs or missiles going ?

    To the tunnels they were

    In the last weeks the Israelis said that the border with Egypt was a very virtual one because everything - including missiles and weapons - was passing under the ground - some said that there were thousands of these tunnels (which were also the lifeline for the local economy and society)

    maybe the real targets were not only the launching pads but also the provisioning lines for the missiles - for once and for all

  • anti missile systems have become more sophisticated (Israel - Gaza)

    So after having received about 500 rockets in the last year, the Israeli military waited for the end of the US elections to start some response - and as a war with Iran is not really an option, and Lebanon and Syria are better left to the internal dissidents to change the dictatorship or pseudo-democracy - responding to this continuous barrage of missiles was the best and fastest thing to do.

    I do not know any country that would not respond to 500 rockets a year that are being fired at its towns, schools and businesses and where several times a week citizens have to take cover in cellars and leave everything behind, not knowing where the missile will fall and if everybody is safe and if when they come out they will still have a house or a car.

    I do not know of a state that says on the one hand that it controls its territory and on the other hand can't take it upon itself to stop militants firing 500 rockets a year without being arrested or stopped.

    This does not give Israel the right to do whatever it wants, and shooting back is not always the best or wisest response, but Israeli politicians have to be elected in a few months and if there is one thing that the citizens want from their politicians or leaders, then it is peace and tranquility and safety and prospects.

    So if both sides would now like to stop firing or stop others from doing so, then there could be a basis for another cease-fire and talks about stopping the barrage of rockets on one side and getting more trade and exchanges with Gaza on the other side. The only sides who win with a further escalation are the extremists, and extremists only leave blood and lies in their trail.

    See how the anti-missile system works sometimes (even if the numbers of intercepted rockets vary wildly)


  • new term : bitsquatting (getting visitors with hardware problems)

    Bitsquatting refers to the registration of a domain name one bit different than a popular domain. The name comes from typosquatting: the act of registering domain names one key press different than a popular domain. Bitsquatting frequently resolved domain names makes it possible to exploit computer hardware errors via DNS.

    so when the hardware has these memory problems with some bytes, then the user doesn't arrive at for example cnn.com but at ccn.com, and if that site is infected or whatever, then the user can be attacked, spoofed or whatever

    on a few billion machines connected to the internet you may be sure that for all the high-level domain names it stays a good business to take all the nearby domain names, even when people type the right domain names

    this also changes the whole discussion about the registration of such domain names, because if these domain names can be so easily abused without any knowledge or interference from the user, then those users need to be protected or alerted (especially if these domain names are known to be attack, spoof or advertising-spam sites). The user should still have the possibility to correct this (even if he won't understand why he arrived there and even if it is not that easy to correct this corrupted memory cache problem)
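
    Added example (not part of the quoted source or of this post's original text): the definition above turned into a defender's check. It lists the one-bit-flip neighbours of a domain's first label so they can be registered or watched, and flags lookups of such names in resolver logs. The function names, the log format and the sample lines are assumptions made for this example.

```python
import string

# Characters allowed in a DNS label (letters, digits, hyphen). DNS names are
# case-insensitive, so everything is compared in lower case.
VALID = set(string.ascii_lowercase + string.digits + "-")

# Constructed resolver log lines: timestamp, client, record type, query name.
SAMPLE_LOG = """\
2012-11-22T10:01:07Z 10.0.0.12 A cnn.com
2012-11-22T10:01:09Z 10.0.0.31 A con.com
2012-11-22T10:02:44Z 10.0.0.31 A example.org
2012-11-22T10:03:10Z 10.0.0.47 A cnl.com.
"""


def bitsquat_candidates(domain):
    """Domains whose first label differs from `domain` by one flipped bit.

    Assumes `domain` is the registrable name (e.g. "cnn.com"); the suffix
    after the first dot is kept unchanged.
    """
    label, _, suffix = domain.lower().partition(".")
    found = set()
    for i, ch in enumerate(label):
        for bit in range(8):
            flipped = chr(ord(ch) ^ (1 << bit)).lower()
            if flipped not in VALID:
                continue  # not a character a registrar would accept
            cand = label[:i] + flipped + label[i + 1:]
            # Skip pure case changes and labels starting/ending with a hyphen.
            if cand == label or cand[0] == "-" or cand[-1] == "-":
                continue
            found.add(cand + "." + suffix)
    return sorted(found)


def single_bit_flip(original, observed):
    """Return (index, bitmask) if `observed` is `original` with exactly one
    bit flipped in one character, otherwise None."""
    a, b = original.lower(), observed.lower()
    if len(a) != len(b):
        return None
    diffs = [i for i in range(len(a)) if a[i] != b[i]]
    if len(diffs) != 1:
        return None
    i = diffs[0]
    x = ord(a[i]) ^ ord(b[i])
    if x & (x - 1):  # more than one bit set: a typo, not a bit error
        return None
    return i, x


def scan_queries(protected, log_text):
    """Flag log lines whose query name is one bit away from a protected name.

    Returns (client, query, protected_name, index, bitmask) tuples.
    """
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue
        client, qname = fields[1], fields[3].rstrip(".").lower()
        for dom in protected:
            flip = single_bit_flip(dom, qname)
            if flip is not None:
                hits.append((client, qname, dom) + flip)
    return hits


if __name__ == "__main__":
    print(bitsquat_candidates("cnn.com"))
    for hit in scan_queries(["cnn.com"], SAMPLE_LOG):
        print(hit)
```

    A client that shows up repeatedly in such hits is worth a memory test, since the wrong name came from that machine and not from the user's typing.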

  • Millions of cyberattacks on your infrastructure, this is what OPISRAEL teaches

    More than 44 million hacking attempts have been made on Israeli government web sites since Israel began its air raids on the Gaza Strip almost a week ago.


    The figures, released by the Israeli government, indicated that attempts on defence-related sites had been the highest, while 10 million attempts had been made on the site of Israel's president, seven million on the country's foreign ministry and three million on the site of the prime minister.


    Israeli Finance Minister Yuval Steinitz said just one hacking attempt was successful on a site he did not want to name, but it was up and running after 10 minutes of downtime.


    Anonymous, an international group of cyberactivists, has posted online a list of nearly 700 Israeli websites it claims it has targeted, defaced and disrupted in response to the latest airstrikes on Gaza. 


    One of the most major targets of the "OpIsrael" campaign was the foreign ministry’s international development programme, Mashav


    so this is what you should be able to withstand, even if not all attacks have the same intensity and are maybe nothing more than some DDoS pings, it is the scale of the attack that should awaken network administrators all over the world.

    To what extent do you have sufficient backup strategies and personnel and caching and anti-DDoS protection and a high-security strategy 24h a day ? To what extent do you close down networks and limit email and internet use to the strict minimum ?

  • now that individual debt is so cheap to buy, let's destroy it by buying it

    The Rolling Jubilee project is seeking donations to help it buy-up distressed debts, including student loans and outstanding medical bills, and then wipe the slate clean by writing them off.

    Individuals or companies can buy distressed debt from lenders at knock-down prices if the borrower is in default or behind with payments and are then free to do with it as they see fit, including cancelling it free of charge.

    As a test run the group spent $500 on distressed debt, buying $14,000 worth of outstanding loans and pardoning the debtors. They are now looking to expand their experiment nationwide and are asking people to donate money to the cause.

    David Rees, one of the organisers behind the project, writes on his blog: "This is a simple, powerful way to help folks in need - to free them from heavy debt loads so they can focus on being productive, happy and healthy."

    but do not create a market for it because otherwise it will become more costly

    this is better as an undercover project if it doesn't want to create this market

    and the more undercover, the cheaper, and the more people can be helped

    by phoney investment funds for phoney banks buying up debt and then disappearing or going broke themselves (in theory)

  • why you shouldn't take and write email too lightly

    The FBI had been investigating Petraeus for several months after his alleged mistress, author Paula Broadwell, was suspected of sending “harassing” e-mails to another woman close to Petraeus.




    During their probe of Broadwell’s activities, FBI agents uncovered information about a reputed romantic relationship between Broadwell and Petraeus. Broadwell is the author of a flattering biography on Petraeus’s extraordinary military career that was released early in 2012.


    There were also concerns that Broadwell may have obtained sensitive information

    So if she hadn't written those emails, there would have been no investigation, and even if there were already rumors, it would have taken more time

    or like in the time of President Kennedy and some girls (spies) he was interested in, others took care of the problem for him (the women go back where they came from and are told to shut up)

    stupid stupid stupid

  • SMS as double authentication ? Risks may be growing

    The lobby group for Australian telcos has declared that SMS technology should no longer be considered a safe means of verifying the identity of an individual during a banking transaction.


    Communications Alliance chief executive John Stanton, representing the interests of mobile providers Telstra, Optus and Vodafone, took the extraordinary step of declaring the technology insecure in the wake of numerous reports of Australians being defrauded via a phone porting scam first uncovered in Secure Computing magazine.


    "SMS is not designed to be a secure communications channel and should not be used by banks for electronic funds transfer authentication," Stanton told iTnews this week.

    The trick is that by porting or fooling the system one can give the SMS authentication even with another phone number. For the moment this system is not developed like spam or botnet attacks. In other words, it is still amateurish and not industrialised and automatic and able to be done on an enormous scale.

    This means that for the moment the number of incidents is low compared to the use by millions, and for the banks the costs are quite low (because the transaction sum is low every time) even if they bear the full responsibility.

    But in fact, the protocol is not made for this and shouldn't be used for it, and so this would limit the use of SMS as double authentication to small sums and not very important administrative acts.

    But once a crimeware infrastructure has been built and developed that could do the same tricks on hundreds or thousands of phones without much human intervention, this will change the picture and the costs and they will have to look for something else