04/21/2014

#heartbleed a new tool by netcraft shows who didn't revoke his certificate

"As well as indicating which sites are using a certificate potentially compromised using Heartbleed, the Netcraft Extension also helps protect you from phishing attacks, displays the hosting location and risk rating of every site you visit, and lets you help to defend the internet community against fraudsters.

Netcraft's site report pages can also be used to determine whether a website might still be affected by the fallout from the Heartbleed bug. For example, our site report for https://www.linkedin.com shows that it no longer supports the TLS heartbeat extension and is using a new certificate.

In contrast, the site report for https://www.fedex.com currently shows that the server previously supported TLS heartbeat and the SSL certificate has not been replaced. Even though TLS heartbeat is now disabled, the certificate could still be used to impersonate the site if it had been compromised prior to heartbeat being disabled. Fedex's website is hosted by Akamai, a popular Content Distribution Network, which was potentially vulnerable to Heartbleed. Akamai is in the process of rotating its customers' SSL certificates and stated that "some require extra validation with the certificate authorities and may take longer".
http://news.netcraft.com/archives/2014/04/17/netcraft-rel...
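The decision the quoted site reports lead to, written out as an added example (not Netcraft's code and not from the original post): a site that offered heartbeat earlier is only cleared once its certificate is replaced. The `Scan` and `triage` names and all sample hosts and fingerprints are constructed, and the key-reuse and revocation checks go one step beyond what the quote itself covers.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Scan:
    """What one visit to a site's TLS endpoint recorded (hypothetical record)."""
    heartbeat: bool   # server offered the TLS heartbeat extension
    cert_fp: str      # fingerprint of the leaf certificate
    key_fp: str       # fingerprint of that certificate's public key

def triage(earlier: Scan, current: Scan, old_cert_revoked: bool) -> str:
    """Classify a site from an earlier scan and the current one."""
    if not earlier.heartbeat:
        return "no heartbeat seen: certificate not considered exposed"
    # From here on the private key may have leaked while heartbeat was on,
    # so disabling heartbeat afterwards does not clear the certificate.
    if current.cert_fp == earlier.cert_fp:
        return "AT RISK: certificate not replaced"
    if current.key_fp == earlier.key_fp:
        return "AT RISK: new certificate reuses the old key"
    if not old_cert_revoked:
        return "INCOMPLETE: old certificate still valid, revoke it"
    return "remediated: new key, new certificate, old one revoked"

# Constructed sample data: hostnames and fingerprints are placeholders.
SITES = {
    "rotated.example": (Scan(True, "c1", "k1"), Scan(False, "c2", "k2"), True),
    "unchanged.example": (Scan(True, "c3", "k3"), Scan(False, "c3", "k3"), False),
    "samekey.example": (Scan(True, "c4", "k4"), Scan(False, "c5", "k4"), True),
    "unrevoked.example": (Scan(True, "c6", "k6"), Scan(False, "c7", "k7"), False),
    "never.example": (Scan(False, "c8", "k8"), Scan(False, "c8", "k8"), False),
}

def report(sites=SITES):
    """Return {hostname: verdict} for every site in the sample set."""
    return {host: triage(*obs) for host, obs in sites.items()}

if __name__ == "__main__":
    for host, verdict in report().items():
        print(f"{host:20} {verdict}")
```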

The Netherlands starts a National (cyber) Response Network

"Today the Nationaal Respons Netwerk (National Response Network, NRN) was launched, which is intended to increase the digital resilience of the Netherlands. The Belastingdienst (the Dutch tax administration), SURFnet, Defensie CERT, the Informatiebeveiligingsdienst voor gemeenten (IBD, the information security service for municipalities) and the NCSC are the first to have committed themselves to the NRN.

The NRN must ensure that future large-scale cybersecurity incidents can be responded to quickly and effectively by pooling the knowledge and capabilities of the various public and private partners. "To respond adequately and limit the damage, it is essential that government and business know how to find each other. Only when these parties are well attuned to one another and roll up their sleeves together can they make the Netherlands digitally more resilient," according to the National Coordinator for Counterterrorism and Security of the Ministry of Security and Justice.

In the coming period the NRN will be expanded with other public and private partners. The Nationaal Cyber Security Center (NCSC) acts as coalition builder and facilitator of the cooperation between the various organisations in the network. Within the NRN, organisations are in this way encouraged to share knowledge and experience with each other so as to improve their own response capabilities as well.
https://www.security.nl/posting/384769/Nationaal+Respons+...

#ukraine russia is now really anxious that time is running out

their movement is losing popular support at an increasing speed

this is in Kharkiv a city with 1.5 million citizens of which at least a third speak Russian

this is the manifestation today that should have been massive enough to take some new buildings (they attacked a police bus and some journalists instead)

that small group there is the manifestation with between 1000 and 2000 persons

of which there are a number of journalists and undercover observers and brought in Russians not locals

the whole day the Russian ministry of Defense has been tweeting threats that sound like they think they have enough proof to begin a 'peacekeeping operation'

there is also a problem with food in the cities that are occupied by russian troops and in the Crimea the situation is becoming critical (that is why the local separatists asked yesterday to bring food)

so even if their plan failed yesterday they didn't give it up

#snowden regrets now his intervention on the Putin propaganda show

how naive can you be

he says now that he sincerely wanted to show the Russian public that Putin is just doing the same thing and that Putin is lying about it because everybody knows that the Russian KGB/FSB is doing exactly the same thing

he says that it is impossible in Russia to have a discussion about privacy and complete surveillance because there is no alternative media anymore and others are too scared to even touch the subject

so he thought 'I do the same thing as I did in the USA and let the highest political decision-makers make declarations on tv that are just flagrant lies which everybody would find out about afterwards'

but there is no one in Russia to write about those things so people can only find out through underground press with very limited readership or through international media

he was so surprised by the negative reaction to his performance in this Putin propaganda show that he decided to write a column in The Guardian which he finds very daring and explicit

well if I compare this article with the things that have been written about our democratically elected leaders - rightfully - I just find this piece very lame and no counterbalance to his performance the day before

his biggest problem now is that he can go nowhere else because no country is interested in harboring a 'traitor' of USA intelligence responsible for the biggest intelligence leak of all times - and so he can only hope to stay in Russia (in august Putin will have to make a decision about that) even if he is experiencing close-up that there is not as much room for debate in Russia as in the US (if any)

it also appears that Obama (and probably a lot of other US officials) took the appearance of Snowden in the Putin Propaganda show as a personal insult which will not make his return to the US any easier

it appears that he took the initiative for his performance, he wasn't asked to, he proposed it himself, naively thinking that this way he could prove that he was as critical of the USSR as of the USA

the result is just the opposite

and that only because he failed to understand that the US is 1000 times more a democracy than Russia right now

if you would have understood that you would never have given such a lame performance on such a staged Putin Propaganda show - but watching Russia today you should have known

#ukraine intelligence sources have more info on the staged attack yesterday

The person killed this night at the checkpoint in Sloviansk has been identified.

"The deceased is Pavlo Povelko who resided in the village of Oleksandrivka in Sloviansk rayon [district]. His relatives went around the village and collected money for his funeral. Pavlo leaves behind a wife and two small children. He drove his car at night. He was stopped at the checkpoint and shot there. His car was burned. All the residents from Pavlo’s village who talked to our source, said that Pavlo was set up and killed to stage the attack by “Right Sector” and a news story for Russian TV channels. Here’s what type of bloody news is being created for Russian television…
http://maidantranslations.com/2014/04/20/dmitry-tymchuk-o...

this information-operation group has links with different intelligence services on the ground and tries to get interesting information out to the public without operational intelligence so that manipulated events like the one yesterday are uncovered before they can be used for their strategic goal

according to their sources there was actually a plan yesterday to invade three regions in Ukraine after this event but I suppose that they thought that the Right Sector would now act stupidly by avenging their losses

it was a near-miss but we still have a long way to go

#snowden the lawyer of snowden has ties to the KGB

But it is worth noting that Anatoly Kucherena, Snowden’s Russian lawyer, has deep Kremlin ties and sits on the board that oversees the FSB, the successor to the KGB. Getting on state television wouldn’t have been much trouble.

http://www.thedailybeast.com/articles/2014/04/20/snowden-s-camp-staged-putin-q-a-was-a-screw-up.html

#ukraine this is why the shooting yesterday was a staged event

from the moment the russian media frenzy started there was something quite wrong but you had to find the proof so people of all kinds started analyzing all the proof that was presented to the local and international press while the commander of the occupying russian forces (there is no better word for it) asked Moscow to send in the troops (and start in fact a war on Easter the day before the US vice president would land in Ukraine)

but the propaganda work of the Russians is not what it was in your days, Mr Putin. You think that you have the best propaganda (you have but only in the press that only copies what your news agencies are feeding to the world) and the best information operatives but it isn't like in the old days

they are too hasty, they leave too many details behind, they don't think things through, it was all done too quickly and without real professionals on the ground (giving instructions on the telephone but you can't tell them everything, you can't think of every detail, you suppose that if someone participates in an information operation that he thinks also about the consequences of some small mistake)

"The Russian TV coverage of the story of the “Slavyansk slaughter” starting early  the morning of Easter Sunday contains a major blooper. The cache of so-called Right Sector paraphernalia, proudly displayed to prove its complicity, was already filmed  by Russian TV cameras  during the day of April 19 at least ten hours before the attack. (The camera crew did not bother to remove the date of the filming – the day of April 19). The April 19 film shows the same pile of Right Sector paraphernalia used the next day to prove Ukrainian extremist guilt in broadcasts throughout  Easter Sunday (April 20)! (I imagine some TV personnel are losing their jobs or worse).

"The New York Times featured the “Slavyansk Massacre” in a piece entitled  Mystery Gunfight in East Ukraine Sparks Blame, Counter-Blame. If the Times dug a little deeper, they could have solved the mystery themselves. The famous gun battle on the outskirts of Slavyansk was another example of faked footage of staged attacks.
http://www.forbes.com/sites/paulroderickgregory/2014/04/2...

what is even more interesting is that the big secret GRU officer who has become known to the world as the officer who was coordinating his forces on the ground from his office near the border was before already active in the region of the shooting

"Another character in Ukraine’s case against Russia is Mr. Strelkov, the alleged military intelligence officer who Kiev says took part in a furtive Russian operation to prepare for the annexation of Crimea and, more recently, in insurgent action in Slovyansk.
http://www.nytimes.com/2014/04/21/world/europe/photos-lin...

and those history buffs among us know that it now looks like a staged event like the one the Nazis did in 1938 to invade Poland

"This provocation was the best-known of several actions in Operation Himmler, a series of unconventional operations undertaken by the SS in order to serve specific propaganda goals of Nazi Germany at the outbreak of the war. It was intended to create the appearance of Polish aggression against Germany in order to justify the subsequent invasion of Poland.
http://en.wikipedia.org/wiki/Gleiwitz_incident

only then we didn't have twitter and social media and realtime news coverage so the staging of the event wasn't discovered until after the war - this was also why it was important to uncover all the missing links as fast as possible and this is why people made the link yesterday between that incident, the increased readiness of the Russian troops closer to the Ukrainian border, the russian propaganda and the possibility of an invasion or some Russian troops sent to a certain region (as a first try)

we are going to see many more incidents like that - they will just not stop trying - and it will be for the western media very important not to become a tool of propaganda because it wants to report it first or faster. In a war faster can have enormous consequences.

for those who want to laugh a bit there is also this quote

"Among the more unusual finds were diapers, which the Russian correspondent explained are worn by snipers, as they hide for hours lurking to shoot innocent pro-Russian supporters. (Strange: If they are hiding, why not answer the call of nature in the woods?)
http://www.forbes.com/sites/paulroderickgregory/2014/04/2...

and now all the mothers understand why there are no diapers any more in their region - all these guys with weapons have them because they can't go for 10 minutes to the toilet

#ukraine this is the soviet declaration of war on Poland in 1939 - looks familiar to russian propaganda now

now you understand why people who have been told or have read about that part of history in the west and the east (even more) are anxious and watch the event with (even sometimes real) bewilderment

read it but change Poland to Ukraine and keep only the russian with the people and read it again and then take the Russian declarations of propaganda and you will see that it is the same

it is the same ideology, it is the same strategy, it is the same madness

but now that we know where it leads to we have to stop it and if we can't stop it we have to try to control it and to limit its impact and its possibilities to bring wars

04/20/2014

digiminds hacked again .... yep again and again and again

they don't have their mind or any budget for security

don't be mad at me I already mentioned it a few times before

certificate intranet europaziekenhuizen needs to see a real ITdoctor

certificate intranet RTL total mismatch and so nonexistent

certificate belfius needs some real fixing too

certificate concentra needs some real fixing

certificate jetair intranet needs some real fixing

certificate national bank belgium needs some hardening

certificate province antwerp needs some hardening

certificate extranet administratie Oostvlaanderen needs some hardening

certificate webmail persgroep needs some hardening

certificate connect.telenet.be needs some work (ssllabs)

certificate KUL leuven needs some work (ssllabs)
