Researchers with RSA, the security division of EMC, said they have discovered a Boleto malware (Bolware) ring that compromised as many as 495,753 Boleto transactions during a two-year period. A Boleto is essentially a document that allows a customer to pay an exact amount to a merchant. Anyone who owns a bank account - whether a company or an individual - can issue a Boleto associated with their bank. Though it is not clear whether the thieves successfully collected on all of the compromised transactions, the value of those transactions is estimated to be worth as much as $3.75 billion USD.
"The first signs of its existence appeared near the end of 2012 or early 2013, when it began to be reported in the local news media," according to a whitepaper RSA released today on the malware. "The RSA Research Group analyzed version 17 of the malware, gathering data between March 2014 and June 2014. The main goal of Boleto malware is to infiltrate legitimate Boleto payments from individual consumers or companies and redirect those payments from victims to fraudster accounts."
read that 3.75 BILLION DOLLARS
since 2012 and nobody is taking this seriously enough?
this is fraud worthy of the World Cup :)
"EMET is designed to prevent software vulnerabilities from being exploited by using various mitigation technologies, including Structured Exception Handler Overwrite Protection (SEHOP), Data Execution Prevention (DEP), Heapspray Allocations, Null page allocation, Mandatory Address Space Layout Randomization (ASLR), Export Address Table Access Filtering (EAF) and Return Oriented Programming (ROP) mitigations.
Research papers such as "Bypassing EMET 4.1" and "EMET 4.1 Uncovered" detail mitigation bypass methods, but Offensive Security has focused on disarming EMET, rather than on bypassing mitigations, as this method gives an attacker the ability to use generic shellcodes such as the ones generated by Metasploit. This also represents a generic way of disabling all protections, and "not having to rely on functions that are not critical to EMET when trying to defeat the MemProt ROP protection, especially when having 'Deep Hooks' enabled," the company said.
The researchers managed to disarm EMET and get a shell after finding a global variable in the .data section of the EMET.dll file. The said variable, which is located on a memory page marked with read/write permissions, acts as a switch to enable or disable all the ROP protections at runtime.
the article gives more information and links to the exploit code and a video tutorial
EMET is only the very last protection, so it is even more important that your first defense (firewall, proxy, application control etc.) is strong and advanced
EMET will not protect anymore if these defenses are bypassed or too lax.
"Based on secret NSA source code, WDR and NDR were able to identify victims of NSA surveillance, especially in Germany. One of them is the Erlangen student Sebastian Hahn, who works with encryption technology in his spare time. He is by Angela Merkel, the first known victim of the NSA.
The basis of the research is a part of the source code of the monitoring program XKEYSCORE, which NDR and WDR have exclusively. The source code is the foundation of software.
For the first time, the public thus gets insight into the closely guarded work of the NSA's software developers and into how surveillance victims are specifically targeted.
Erlanger student targeted by the NSA
Sebastian Hahn devotes his free time to encryption technology; he runs a server for the Tor anonymization network. That is what has made him a target of the NSA.
Because of his hobby, Sebastian Hahn has ended up in the crosshairs of the Americans. He runs a server for the Tor anonymizing network, with which users try to blur their tracks on the Internet. In particular, human rights in countries like Iran are dependent on this program.
The IP address of a server operated by Hahn is precisely defined in the source code of XKeyscore as an object to be monitored. The target: all users, hundreds of thousands every day, who access the Tor server provided by Hahn are specially marked by the NSA and their connections are saved. In this way the NSA filters out everyone who uses the anonymizing network. According to research by NDR and WDR, they then land in a special NSA database. Sebastian Hahn finds the spying "shocking". Because he wanted to do something good, he has ended up "in the focus of the intelligence services. This is a huge invasion of my privacy."
In addition to the IP address of Sebastian Hahn there is yet another German IP address, that of the Chaos Computer Club.
Whether Sebastian Hahn was spied on from German soil cannot, however, be read from the source code available to NDR and WDR.
Thomas Stadler, a lawyer specializing in IT law, sees a "suspicion of intelligence agents work". The Attorney General commented only in general terms: it was examining all instructions.
The XKeyscore source code also shows how easy it is to fall into the pattern of the NSA. Because not only permanent users of this encryption software become targets of the secret service. Anyone who visits the official Tor website merely to inform themselves is flagged. In the case of other encryption providers, merely sending a query to a search engine is enough to appear suspicious to the NSA.
With the source code it can be proven beyond reasonable doubt for the first time that the NSA does not read only so-called metadata, i.e. connection data. If emails are used to connect to the Tor network, then according to the programming command the contents, the so-called email body, are also evaluated and stored. The relevant quote from the source code is:
The source code contains both technical instructions and comments of the developers that provide an insight into the mind of the NSA. Thus, all users of such programs are equated with "extremists".
On request, the NSA states only in general terms that it keeps strictly to the law and that "privacy and civil liberties are always considered in computer monitoring."
It is worth noting that this application Tor network is an original idea of the U.S. Navy and is funded until today, with around 800,000 dollars a year from the U.S. government.
Months ago, the "Guardian" had already reported on attempts by the NSA to spy on users of the Tor network, but without knowledge of the source code."
First we thought that the documents had been given to one journalist, Greenwald, then it surfaced that several journalists of several papers have different collections from the total cache
and just as with Wikileaks and the diplomatic cables
it seems that the cache or big parts of it have been copied and wandering around and that some activists are really thinking about releasing them all (or all they have because nobody has told exactly how many documents are in which stack held by which journalist)
this means that our first comment that all the lost documents should be considered compromised and that the services impacted by this loss should act as if these documents are in the hands of their enemies or will become public soon
it also means that the editorial, legal and political vetting and considerations of different international media have been bypassed now and that it will be up to each to decide which documents are of interest to them - even if nobody had published anything about them
this is an interesting discussion on Twitter
"A new study funded by DARPA, the scientific research arm of the military, has figured out how human red blood cells can be modified to produce and deliver protein antidotes and other antibody-based medicines throughout the body. With blood transfusions, these cells could theoretically neutralize biological toxins for soldiers on the battlefield.
"We wanted to create high-value red cells that do more than simply carry oxygen. Here we've laid out the technology to make mouse and human red blood cells in culture that can express what we want and potentially be used for therapeutic or diagnostic purposes," Harvey Lodish of the Whitehead Institute for Biomedical Research in Massachusetts told the Independent.
"This morning the BBC received the following notification from Google:
Notice of removal from Google Search: we regret to inform you that we are no longer able to show the following pages from your website in response to certain searches on European versions of Google: http://www.bbc.co.uk/blogs/legacy/thereporters/robertpeston/2007/10/merrills_mess.html
What it means is that a blog I wrote in 2007 will no longer be findable when searching on Google in Europe.
Which means that to all intents and purposes the article has been removed from the public record, given that Google is the route to information and stories for most people. So why has Google killed this example of my journalism?
Well it has responded to someone exercising his or her new "right to be forgotten", following a ruling in May by the European Court of Justice that Google must delete "inadequate, irrelevant or no longer relevant" data from its results when a member of the public requests it.
so it seems that whoever wants can ask for it and that it is more or less automatically done without further investigation
there is nobody you can call to protest or to change the post (by changing the name to initials for example)
there is no procedure that is published for those who are the victims of this
there is no difference between press reports and comments or other personal stuff that was published somewhere
they didn't think it through
so if you want to go to an uncensored Google, you should go to
and if you use Google in your website you should change it to the world edition and US edition and not the EU one
it means you have to separate clearly the comments from the content so that Google forgets the comments page without having an impact on the article itself
it means that we have to say goodbye to
and set our Google now to this
under the page - if you have a Google account you will find use Google.be or french or uk or whatever
or use Google.com the general server
if you are looking for a french version you can also try https://www.google.ca/
and so on (oh you can suppose that Google.ru and Google.cn aren't censored like that :))
so the only result is that people who know how to search will never search on the European Google platforms or will always doublecheck on the international ones
They also do it about the other Snowden revelations about the interceptions in Germany and so on.
But that they do it citing also the Belgacom case is a bit strange because Belgacom should have filed a complaint. Belgacom has filed a complaint but against unknown (X). This is strange because there is ample proof of leaked documents that it was a NSA-UK operation from the beginning till the end, which would have enabled them to file a complaint against the GCHQ in the UK so that they or the government would have to answer it and refute or confirm the documents.
The number of ISPs doesn't impress me much because no major ISP has participated in the complaint and this is understandable because all the major ISPs are working with the NSA, GCHQ or another intelligence institution and a legal complaint and trial could make it possible that more information would become public because once you are in the box you 'have to tell the truth and nothing but the truth' except if you want to go to prison just for not telling the truth
this is also the reason why in Belgium we need a coalition of organisations that would make it possible to file complaints when our data has been leaked or it is known (or not yet) that information or networks are too vulnerable to stay in operation and should be 'plugged off'.
the complaint is against the global surveillance and interception methods that are being used, which are under any situation not only illegal, very expensive, not always productive but also very dangerous
source http://www.bbc.com/news/technology-28106815 nothing quoted
"Observers said fund managers are becoming more conservative in the wake of global developments such as the U.S. Foreign Account Tax Compliance Act and other U.S. efforts.
Following large settlements paid to the U.S. by Credit Suisse Group AG and BNP Paribas SA, "Other countries are getting angry about the size of the fines and are grumbling about retaliation," said Jonathan Lachowitz, a cross-border investment adviser based in Lexington, Mass., and Lausanne, Switzerland.
Mutual funds are regulated differently from other investments and could be a target, he said.
David Kuenzi, an investment manager in Madison, Wis., who works with Americans abroad, said that selling U.S. mutual funds to those investors had long been prohibited. "But it was matter of 'Don't ask, don't tell.' Now the firms are getting more aggressive about compliance," he said.
A spokesman for Putnam Investments said the firm is no longer accepting additional investments into existing accounts held by non-U.S. residents.
The spokesman said the changes were made "in accordance with U.S. anti-money-laundering and 'Know Your Customer' policies" and in response to recent tightening of European laws limiting sales of funds not registered in their jurisdictions.
this is a fundamental change that will change the financial industry forever - especially after the enormous fines that BNP-Paribas has received and which are the real incentive for every US firm to abide by the rules nobody cared about before.
this is a bit like our information security policy - don't ask and we don't do anything and as long as there are no fines, we really don't care
and you just need one big victim paying a big fine to get a whole industry moving out of fear of being the next one
No more Jupiler for me - there are other beers but check if it isn't part of Inbev
and no vodka either
Greenwald has announced that he will publish the most atomic of all the revelations that have come out from the Snowden documents (if you have forgotten everything that was published in 2000 about the NSA that is because in fact it only shows that with the expansion of the use of the internet, the NSA has only adapted to the new situation and possibilities).
so after building up the pressure and hype, this happened
"At midday on Monday, journalist Glenn Greenwald announced that revelations he has termed among “the most important” to result from documents leaked by NSA whistleblower Edward Snowden would be published at midnight. However, despite the growing anticipation on Monday and just hours prior to the expected publication, Greenwald went back to Twitter and announced:
After 3 months working on our story, USG today suddenly began making new last-minute claims which we intend to investigate before publishing
— Glenn Greenwald (@ggreenwald) July 1, 2014
we know that he was planning to publish the names of the targets of the NSA in the USA (the real targets, not the general surveillance)
just sit down and read this aloud before you continue
Greenwald was planning to publish the names of all the people in the US who have been accepted by the US courts - even if it is not real oversight - to be such great threats or necessary targets for the national security of the US that they should be spied upon by the NSA
the problem is that the NSA can't argue in public why they have or are spying on some persons or organisations because that is based upon information that they can't publish for privacy reasons and because otherwise their sources may become uncovered which would lead to an enormous loss and internal turmoil
if you want to destroy the NSA or the spying capacity of the USA momentarily - this is the best way to do it - all the rest was maybe not known but if you know something about the security of information on the internet you could suppose that it would happen this way
Greenwald is now earning big bucks for his new media company (which isn't breaking through anyway) and in such companies there are also lawyers whose only function it is to be sure that the company, its owners, publications, servers or whatever won't be blocked, sued for damages or treason
I would doubt that any lawyer would take that risk here - unless he thinks he will be the next big symbol for the good fight making a name (and fortune) for himself
there are in my eyes some red lines that you never cross, publishing online the names of the specific targets of a spy institution is really a very big red line
and if people have the right to know, the people on that list probably know because they know what they are doing and the impact of what they are doing and that it is highly probable that they are spied upon or watched (unless you totally don't care). This is not to say that they are doing illegal things, just that because of their activities there is a possibility that they are being watched - even if this is totally unacceptable because there is no criminal reason for it or because they are just the third or fourth layer of a network and don't know what is happening at the heart of the network.
but there are other rumours about another bombshell coming our way
the full publication of all the Snowden documents (this happened also with wikileaks)
"Germany announced Thursday it is canceling its contract with Verizon Communications over concerns about the role of U.S. telecom corporations in National Security Agency spying.
“The links revealed between foreign intelligence agencies and firms after the N.S.A. affair show that the German government needs a high level of security for its essential networks,” declared Germany’s Interior Ministry in a statement released Thursday.
The Ministry said it is engaging in a communications overhaul to strengthen privacy protections as part of the process of severing ties with Verizon.
The contract is being awarded to Deutsche Telekom.
It could become an example for other governmental contracts with US providers worldwide. The problem is that under US law the US firms are obliged to give the information the NSA and other intelligence agencies may ask for, wherever it is stored.
The only way to counter this is by splitting the company in many separate parts so it isn't possible for the US company to ask its European partner for that information. The only link between the two firms would be the royalties the European company would have to pay to the US company for using its products, information and so on. The disadvantage of this would be that the European countries would hardly get any income out of this because this will be used - as is even the case now - to empty the other companies of any gain by setting these royalties so high that these companies would hardly make any profit.
Last night, the Russian State Duma (parliament) passed the first bill requiring that the personal data of all Russians should be stored inside the country.
The effects of the bill, if passed, would be wide-ranging, touching just about every international service used by Russians. Essentially, it would mean that Facebook, Google or any other international online service – including apps – used by people in Russia would need to have physical servers inside Russia’s borders.
Furthermore, these non-Russian companies would not be allowed to send data outside the country unless they can provide certain guarantees on data storage inside the country. For those who do not, the state telecommunications agency Roskomnadzor will require carriers to restrict access to those services.
The bill also proposes amendments to laws covering personal information and data protection.
A rough Google translate version of the key part of the bill says:
“When collecting personal data, including through information and the internet telecommunications network, the operator is required to provide a record that the systematization, accumulation, storage, updating and retrieval of personal data of citizens of the Russian Federation, is held on databases located in the territory of the Russian Federation.”
If this law is enforced to the letter — it would take effect in September 2016 — it could mean a fundamental change to how both international and Russian tech companies use international hosting services, not to mention huge costs for implementing the changes.
This does not only have an effect on the web services and apps that would need to store that information in Russia and Russia alone (and according to the Russian laws make it available for surveillance, becoming in fact a partner or collaborator in the limited democracy autocracy of Putin)
it will also have an impact on anyone working in or with Russians or working from Russia.
If one is really interested in extending democracy a big investment in Tor services and access is one option to bypass these and other limitations.
The 13 million dollar worth of bitcoins that the FBI had seized from Silk Road was auctioned off for the first time.
'With just 13 million bitcoins in circulation, it can be hard for new companies to buy large chunks of the digital currency without driving prices up. But the arrangement with Draper will help Vaurum provide its clients with easier access to bitcoins. “It’s still quite difficult to get access to bitcoin in these developing economies,” Bhama wrote in a blog post announcing the news, “and that’s exactly where it is needed the most. Our goal is to build reliable infrastructure and increase liquidity, which are two major challenges in the ecosystem.”
he will use it for his own service company that sets up bitcoin exchanges for companies
before, they would have found it too hard to enter the market because there would not be enough bitcoins available for them to immediately have a critical impact on the market
"Netflix has open sourced another member of its “Simian Army,” the monkey-monikered tools its engineers use to manage the enormous number of machines that drive its popular video streaming service. The latest is called Security Monkey, and it’s a tool for monitoring and analyzing the security of its systems. Like others in the family, the tool is designed to deal with machines used through Amazon’s cloud computing service. Netflix operates several dozen accounts on the Amazon cloud, and through each of these, it can spin up virtual servers to run the various parts of its video service. The company is constantly deploying new code, adding new services, deleting old ones, and modifying server configurations. Each of these tasks can create security vulnerabilities, and that’s where Security Monkey comes into play. The tool could potentially help any company that runs its operations atop Amazon and other cloud services—and such companies are only becoming more prevalent." http://www.wired.com/2014/07/security-monkey
security is not something you talk about
and your website security is just so essential because it could be the backdoor to information or the place where you insert malware code or real spyware against the users
it shows again that some good initiative is putting enormous resources in coding and community work and not enough in real practical annoying security
Paypal has decided to freeze a 275.000 $ startfund of Protonmail, based in Switzerland, that would deliver an end-to-end encrypted mail service and wouldn't have to give the US government any information like US companies are obliged to under US law (even if these servers are based elsewhere and the people or organisations involved are not American).
source http://thehackernews.com/2014/07/paypal-freezes-275000-campaign-funds-of.html for picture of image
the same was true with Wikileaks which was blocked by Paypal as by other credit companies without any official request from any government or judicial authority. They did it based upon their conditions of use and so on (which are so vague they could be used against anything if they wanted to)
So in the whole rethinking of the internet by the European strategists and democratic activists it is clear that we need a normal financial service like paypal but based in Europe (Switzerland or Luxembourg for example). No, we don't need bitcoin or any other *coin alternative without any regulation and supervision and even internal security.
you should really start making a difference between surveillance and espionage
every spy organisation has the duty to spy and there is nobody having a real problem with it because that is what they do - since the beginning of history - and that is why every country has a spy agency to find them out, mislead them and block them - if necessary and possible
surveillance is something totally different because in surveillance you control a whole population or data traffic whatever the purpose or reason that you are spying. surveillance is something that is done by our own states and according to the democratic and judicial framework of the state (in the hope that it is a democratic country)
so what is all the fuss about?
it would be really astonishing if the NSA had no right to spy on targets in all these countries and organisations if that would have been necessary or could have given some interesting information
oh Belgium is in it, but Belgium is one of the top targets of any spy organisation (even of our neighbours) because we are host to so many international institutions that any spy organisation worthy of that name has Belgium high on its list. it wouldn't even be possible to explain to any specialists why we shouldn't be.
If our intelligence services have the resources and people to stop all those spies and intelligence operators and networkers wandering around in Brussels is another matter
the hacking of Belgacom and intercepting or taking control of the total communication flow is surveillance and that is a step too far but - if true - only extracting information about some specific telephone numbers that used this network is just logical for a spy organisation
it also means that the trust and cooperation between the different democratic spy organisations is not great that they have to undertake such operations to get information that could have been simply asked for
no, you don't have to worry they won't interrupt the matches of the world cup for breaking news that Russian tanks have now officially entered Ukraine - even if every day a few new Russian tanks are crossing the border as gifts to the militias. This is also the reason why it is taking so long because we are no longer talking about simple guerrillas or terrorists but about militias having tanks, mortars and long-range anti-tank guns and ground-to-air missiles that are being used. This naturally changes the possibilities of attacking them and the dynamics of the battle.
the reason is that they have to hold out until the middle of July because the Russian Army is regrouping its troops at the Ukrainian border (according to NATO and the Pentagon) and all this is just the mathematics of the logistics. How many tanks can you move from point 1 to point 2 with all the facilities for the people and the necessities for the hardware (like fuel). And we are not speaking about a few tanks here and there but about hundreds or thousands of tanks and people and trucks and so on that have to move and be prepared and provisioned to be able to continue the attack inside Ukraine without having to wait for fuel or ammunition
all the rest is just propaganda and trying to get the best image possible in the international press and if that is not possible to have the best framework possible to be able to sell it more easily to their own public and the not-so-interested public in the west (who only read a few headlines).
it was not the president who broke or ended the ceasefire. There was no ceasefire because the firing never ceased and the only effect of the ceasefire was that the governmental troops couldn't go on the offensive which meant that their actions were very limited. The ceasefire was also necessary for the Russians to bring in more arms and tanks across the border without being noticed or stopped.
these are not terrorists, guerrillas or so on. They have tanks, mortars and all kinds of specialised hardware. So don't feel sorry for them. They can defend themselves and they even attack military positions all the time.
well you can't say that you didn't know