11/15/2014

probably major Belgian social secretariat is hacked and data was leaked on the internet

why do we know that now

as the paste is done we have typed the emailaddress in pastebin and than we found another bit of information  and there we see that it is about a person that is sick and has prolonged his period of leave

so which firm does the social secretariat for Thomascooktravelshop in Belgium ?

you shouldn't be surprised about this because one of our backoffice operations that were not published because of the sensitivity was about a social secretariat that had all her files open to the public internet and that we had closed down after that we contacted the responsable authorities in Belgium with that information

if this is confirmed this is huge

because in that database will and can be so much personal, financial and medical information that this is enormous

and it is not because it is not anymore on pastebin that it is not somewhere on the server of somebody or sold or traded or exposed elsewhere - we go hunting now

any more information, mail me

just a reminder : these are logical assumptions that haven't been proven yet but based upon the information before us, this seems to be the best logical explanation

and more from pastebin search

 

 

Permalink | |  Print |  Facebook | | | | Pin it! |

a datapack of half a million Belgian and french personal data has been shortly online

we don't have more information for the moment but it seems that a number of passwords to emailaddresses or logins which use an emailaddress as identifier have been hacked and that that site uses also paypal and vista

the other seems on the first site to be a hacked (sql injection probably) french or Belgian database which has lost all its customers or contactsdata

if some-one has more info, please free feel to contact me - even if it is only the name of the sites that have been emptied so we can warn the necessary instances to get them offline because if you can hack them anybody can (with some tools and some minimal guidelines)

so for one day that I don't do the normal checks in pastebin because of some heavy offline shit happening that needed my attention, I miss this one and it goes under the carpet (because nobody will inform you that your website was hacked and your personal data were leaked). I doubt that even the privacycommission is informed. If I were the persons mentioned in these lines I would write to the Privacycommission to ask to investigate. They can than ask the authorities to ask pastebin where the information came from and what it was and so on.... based on that information they can than go to the site that was a victim and in most cases even doesn't know that something happened.

the only bunchpacket of belgian data that big is the hack of VOO and normally Rex Mundi will have had an agreement about that and so that data shouldn't be in the open except if Rex Munid has resold it or some of his friends have decided to put it online anyway .....

but it is maybe just another victim of the new stupid ideology of Big data (without investing the big costs for security because it is all about limiting costs, not increasing efficiency (which is more expensive)

Permalink | |  Print |  Facebook | | | | Pin it! |

hackers talk of 500.000 creditcards to put online and want to play Sint Nicolas

first we would warn that in the paste old or fake listings have been published on these forums and that this is for the moment nonconfirmed but it is interesting enough to give it some attention and if real to follow up

and this is the first bunch (and these listings are also popping up elsewhere on pastebin)

Permalink | |  Print |  Facebook | | | | Pin it! |

world of warcraft servers under typical heavy DDOS attack (are you reaady)

DDOS attacks today are so enormous that if you don't have contracts with your hoster and your ISP to displace your servers, a communication strategy and the essential appliances or contracts with the ISP's to stop (part of those attacks) you will just be overwhelmed and dead in the water

and yes you can say that these DDOS attacks are nowadays 1 GBPS instead of the 20 or 100 MBPS they were before (and what could be handled)

but now DDOS attacks need a clear strategy - before they take place

and to show the importance is that after the DDOS attack the login process of the WOW servers was a mess and needed an enormous lot of work from the firm and its serviceproviders increasing another time the already enormous cost of stopping this

the only way to stop this is an international anti DDOS war room that can contact all the major routers and hosts once those attacks are under way and coordinate a FAST response (cut off) to limit already the biggest overwhelming volume and to keep the infrastructure and the securitytools online to work through the other connections that have to be cleaned

Permalink | |  Print |  Facebook | | | | Pin it! |

11/14/2014

Russian Pravda threatens Western Europe with nuclear surprise blackmail

"Here is another surprise. As for tactical nuclear weapons, the superiority of modern-day Russia over NATO is even stronger.

The Americans are well aware of this. They were convinced before that Russia would never rise again. Now it's too late.

To date, NATO countries have only 260 tactical nuclear weapons in the ETO. The United States has 200 bombs with a total capacity of 18 megatons. They are located on six air bases in Germany, Italy, Belgium, the Netherlands and Turkey. France has 60 more atomic bombs. That is pretty much it. Russia, according to conservative estimates, has 5,000 pieces of different classes of TNW - from Iskander warheads to torpedo, aerial and artillery warheads! The US has 300 tactical B-61 bombs on its own territory, but this does not change the situation against the backdrop of such imbalance. The US is unable to improve it either, as it has destroyed the "Cold War legacy" - tactical nuclear missiles, land-based missiles and nuclear warheads of sea-based Tomahawk cruise missiles.

To be continued.
http://english.pravda.ru/russia/politics/12-11-2014/12901...

can you imagine some-one writing this

are they totally gone bonkers ?

"In 2010, the Europeans, in the face of foreign ministers of Poland and Sweden, insolently demanded Russia should single-handedly establish two nuclear-free zones - the Kaliningrad region (enclave) and the Kola Peninsula - the territories of priority deployment of Russian tactical nuclear weapons. The regions serve as the main bases for the Baltic and Northern Fleets. In case of the Northern Fleet, the region is a base for most of Russian SNF.

Since then, the Americans have repeatedly offered Russia to follow the flawed way of solving the "problem of tactical nuclear weapons." They stubbornly insist on reaching an agreement to eliminate disparities on stocks of tactical nuclear weapons. They even tried to stipulate a condition for the effect of the START-3 Treaty. Thus, in accordance with Senator Lemieux's amendment (Amendment 4/S.AMDN.4908), the START-3 was to come into force after the Russian side agreed to start negotiations on the so-called liquidation of imbalance of tactical nuclear weapons in Russia and the US.

On February 3, 2011, Barack Obama wrote in a letter to several key senators saying that the United States was going to start negotiations with Russia to address disparity between tactical nuclear weapons of the Russian Federation and the United States to reduce the number of tactical nuclear warheads in a verifiable way.  Alas, in 2012, Putin returned to the Kremlin, and the hopes of the West to deceive Russia though unilateral disarmament failed.
http://english.pravda.ru/russia/politics/13-11-2014/12902...

and they are not going to disarm either

so what do they want to use all these  nuclear weapons for ?

blackmail ? like Dr Strangelove

Permalink | |  Print |  Facebook | | | | Pin it! |

11/13/2014

the rotten US mortgages are back again.... since 2008 (when the financial system nearly collapsed)

yep, they are trying to explain them away - but that they did also in 2008 - so there is no reason to believe them this time because it is the same old stupid trick (you put some really rotten financial loans in a big back of good financial products and sell them together saying that the global risk is 10% for example but without guaranteeing that it will stay 10% and when it is proven that one such back is in fact nearly totally rotten (because of unexpected economic circumstances not foreseen in the calculation of the risk) than all the other bags (even if they are totally different become suspicious (even if that is because the calculation of the risk is to be overdone every so many hours) and they all have to be sold at very low prices creating huge losses for those who have bought them and eventually used them against other good loans they can't repay or guarantee any more). 

so who is buying them and I hope that they are not being bought by banks that were saved with money from the taxpayers and those who would buy them should be told that they will not be saved by the state next time 

if they want to take the risk - than they take the risk - alone and with their own money 

source http://www.bloomberg.com/news/2014-11-12/bank-of-america-citigroup-said-to-sell-soured-home-loans.html

bankloans.PNG

Permalink | |  Print |  Facebook | | | | Pin it! |

two important facts about the fast increasing number of incidents with Russian military might at the European border

First, it takes a long time to prepare this, it is not done like this on a hunch which means that it is planned, coordinated, prepared and agreed upon - even at the same moment Putin is saying he just wants peace and so on. So there are two faces to Russian foreign policy. The practical guy and the tactical guy. You can chose who to believe and who to trust. If you think that practical things (the economy) will be more important than the military tactics you still think that there is not much to it and that peace will prevail (like good sense). If you prefer to look at the military tactics, than you better start preparing for the worst so you send a message that this guy better starts becoming practical because otherwise he will end up in a dead-end street as his bluff has been called. 

And the more further away or the bigger the incursions, the longer the planning and the preparations. 

And the real question is the following : if all this has been planned long time in advance, what else will come ? And what is the endgame ? 

The first important fact is that this is NOT incidental, this is planned and is part of a longterm strategy based upon a number of suppositions. Understand the strategy and the suppositions and you have a first choice of possible responses. 

Secondly, the number of incidents is not 30, no for Europe it is MUCH HIGHER over the last year. We are already at 100 military incidents in our airspace and before our coasts. 

"Allied jets have intercepted Russian fighter aircraft along Europe’s fringes 100 times this year, three times the 2013 total, according to NATO. The increased activity coincides with the U.S. and the European Union accusations that Russia is fueling the separatist conflict in Ukraine, where a September cease-fire is wobbling. http://www.bloomberg.com/news/2014-11-12/poland-renews-ba...grow.html

THis means that every THREE days there is somewhere at our NATO borders a military incident with a Russian military aircraft, submarine or warship (some nuclear). I repeat - so you understand it - every THREE days. 

So when military commanders start getting nervous and worried, you have to ask yourself how you would react if somebody is knocking on your windows and doors every three days and sometimes is standing in your hall way or kitchen and leaving afterwards saying, sorry - no harm done. 

This is way beyond 'tension' and way beyond 'military incidents'.

This is an explicit military strategy of creating a permanent atmosphere of military tension.

And you only need one ship, submarine or fighter plane to make the mistake of beginning to fire to find ourselves in a totally different situation. And this has happened before. Only at that time the lines of communication between the White House and the Kremlin were still open and there were enough backchannels. With a permanent cutting of ties in all spheres between NATO and the US and the Kremlin at the other side one can hope this will still be the case (even if Obama wouldn't do something military without thinking months about it) 

It does mean for Belgium which has foreseen new cuts in its military forces that it would take years to adapt afterwards to the new international environment and its NATO obligations. Or we should just say that we don't want a Belgian army and want to pay a part of an European Defense Force or NATO force (or combination). But that is a bit difficult if you don't have One Commander in chief but 26 (as if the Governors of the US would decide where US troops would be send abroad). 

Permalink | |  Print |  Facebook | | | | Pin it! |

11/12/2014

if you are on windows95 windows98 or windowsxp you are NOT protected against SUPERBUG

"Microsoft has patched a critical flaw in Windows that has existed in every version since the introduction of Windows 95 more than 19 years ago. IBM security researchers discovered the flaw earlier this year and notified the software giant privately in May. The rare bug allows attackers to remotely execute code on an affected system just by convincing Windows users to visit a URL in Internet Explorer. IBM says the exploit can be triggered on Internet Explorer 3.0 onwards, and every currently supported version of Windows is affected.

 

"This vulnerability has been sitting in plain sight for a long time despite many other bugs being discovered and patched in the same Windows library," says IBM researcher Robert Freeman. While Microsoft is providing patches for Windows 8.1, Windows 7, Windows Vista, and its various server releases, the company stopped supporting Windows XP earlier this year so consumers will not be protected if attackers attempt to exploit the bug. There’s no evidence this bug is being exploited in the wild yet, but it has been rated 9.3 out of 10 on the Common Vulnerability Scoring System (CVSS) so it’s well worth patching through Windows Update if you haven’t already. http://www.theverge.com/2014/11/12/7202801/microsoft-patc...

advice : change to Firefox and don't use Internet Explorer for the internet if you are still on those systems and you can lock down your Firefox so it is as protected as the latest version of Internet Explorer

advice : if you are somewhat commercial than you should really change those systems - just to make sure that are not responsable for any dataloss you may have when you are attacked 

advice : install some free firewall (zone-alarm) antivirus (avast) antispyware (search and destroy) and so on 

Permalink | |  Print |  Facebook | | | | Pin it! |

it is not the number of Russian incursions but their strategy that is in fact worrying western military

""What is significant is that across history, most of these incursions have been very small groups of airplanes, sometimes singletons or at most two aircraft," the Supreme Allied Commander in Europe, U.S. Air Force General Philip Breedlove, said at a Pentagon briefing.

 

"What you saw this past week was a larger, more complex formation of aircraft carrying out a little deeper, and I would say a little bit more provocative, flight path.

http://www.businessinsider.com/russia-flies-provocative-a...

Every action needs a response and was the response to the first incursions with single aircraft, submarines and boats a bit annoyed, this one got the attention of the highest military planners and eventually our political leaders.

What in fact does he want to say ? 

I will and I can attack you at any time before you can respond ? I am a big nuclear power ? You are just so frightened that you don't know what to do when I decide to become very angry with you ? 

And this from the US to Europe at every existing border in the air or on the sea. 

never before in history have Russian military aircraft taken so many risks in so little time against so many possible targets in such a manner

just needs a small misunderstanding or a defender who is too nervous or not listening anymore to his commanders and wants to show them a lesson ..... to be starging off something 

Permalink | |  Print |  Facebook | | | | Pin it! |

#ukraine why Kharkiv is a better target than Mariupol in this offensive

Several terrorist and subversive groups and cells have already been arrested in the city by the Intelligence Service from Ukraine. 

But there is more that story it seems 

"The so-called Novorossia project has foundered in recent months, and could be strengthened if the separatists were able to get control of Kharkiv, Ukraine's second-largest city.

 

Lozowy notes that the city has "symbolic significance," as well as being a major industrial center.

 

In December 1917, Kharkiv was the first Ukrainian city to recognize the Bolshevik coup in Russia, and the city served as Ukraine's capital until 1935. Ukraine's largest tank producer is located in the region, among many other military-industrial enterprises.

 

"Undoubtedly, Kharkiv, which has remained on the whole indifferent to calls to join 'Novorossia,' really upsets certain circles both in Moscow and in the LNR and DNR," Russian military analyst Aleksandr Golts told openrussia.org on November 10.

http://www.businessinsider.com/robert-coalson-russia-rest...

There is Mariupol but that may seem to be an enormously difficult target and maybe they just will pass it and go on the Crimea to take it on afterwards when it is isolated by land and sea. 

Permalink | |  Print |  Facebook | | | | Pin it! |

11/11/2014

#ukraine no more trust in #osce mission with Russian observers abusing the mission

strange in any case that one of the parties is observing how its own tanks and military are passing borders that are being monitored by an organizing that is using its official representatives as observers

strange in any case that one of the parties participates in investigations of incidents and conflicts while their army and tanks are on the other side of the front

and it seems just to have become a Russian spy organisation after all

Permalink | |  Print |  Facebook | | | | Pin it! |

Obama asks wife of Chinese leader to give the information about his postmen back

Obama to the wife of the Chinese leader "I know it was not one of our postmen you had an affair with when you visited the states lately, so please ask your husband to stop hacking us to find out who it was and give back the information about our postmen"

her husband saying to Putin

I did as you have said, I have taken all that data about all their postmen and I will find the man who was according to his workfiles at our holiday resort while I was in conference - she thinks I can't proof it but I will

Putin is saying nothing because he already knows who it is, he has it all on film made by his spies and said he wanted to sell it to the Chinese leader but he thought that the price was too high and for that price he could try to find it for himself whatever the means

Obama is telling the Chinese wife that he knows the KGB knows because the CIA was filming the KGB filming the Chinese and he knows that even the Chinese know that the CIA knows that the KBG knows because they were filming the KGB and the CIA (but they forgot to film the Chinese wife so they don't know who she met during one hour while her husband was away). The problem is that Obama is under wife and daughter surveillance all the time and Putin is having athletic erotic exercises with his new lover every day so he has hardly any energy left afterwards. So they don't have any dirty stuff yet to blackmail back - even an operation on the computers of the White House just before this meeting didn't turn up anything that could be used.

the other guest in the row doesn't know how not to start laughing out loud (LOL)

"All United States Postal Service (USPS) employees’ personal data—including names, addresses, social security numbers—has been exposed as the result of a hack believed to have originated from China. According to its own tally, USPS employs over 600,000 people.
http://arstechnica.com/security/2014/11/all-us-postal-ser...

 

Permalink | |  Print |  Facebook | | | | Pin it! |

why your smarttv is a dumb privacy-idea (put a post-it on its cam and disable the microphone)

"I just bought a new TV. The old one had a good run, but after the volume got stuck on 63, I decided it was time to replace it. I am now the owner of a new “smart” TV, which promises to deliver streaming multimedia content, games, apps, social media and Internet browsing. Oh, and TV too.The only problem is that I’m now afraid to use it. You would be too — if you read through the 46-page privacy policy.

The amount of data this thing collects is staggering. It logs where, when, how and for how long you use the TV. It sets tracking cookies and beacons designed to detect “when you have viewed particular content or a particular email message.” It records “the apps you use, the websites you visit, and how you interact with content.” It ignores “do-not-track” requests as a considered matter of policy.

It also has a built-in camera — with facial recognition. The purpose is to provide “gesture control” for the TV and enable you to log in to a personalized account using your face. On the upside, the images are saved on the TV instead of uploaded to a corporate server. On the downside, the Internet connection makes the whole TV vulnerable to hackers who have demonstrated the ability to take complete control of the machine.

More troubling is the microphone. The TV boasts a “voice recognition” feature that allows viewers to control the screen with voice commands. But the service comes with a rather ominous warning: “Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party.” Got that? Don’t say personal or sensitive stuff in front of the TV.

You may not be watching, but the telescreen is listening.
http://www.salon.com/2014/10/30/im_terrified_of_my_new_tv...

big brother

first the product than the security and last but not least the privacy

smarttv have been hacked already

Permalink | |  Print |  Facebook | | | | Pin it! |

the TORsweep was a result of undercover police work, technical knowledge and a cooperative host

it was good old police undercover infiltration work (while waiting patiently instead of jumping immediately on the chance just to break everything up but without really arresting everybody involved) and the cooperation of the host of the site (most of the TOR webservers are in fact on western hosts)

"Authorities said that they were able to arrest Benthall after an undercover Homeland Security agent was able to gain the trust of Silk Road 2.0′s administrators and received access to “private, restricted areas” of the site reserved for its leaders. Through that operation, the agent said he was able to interact directly with Defcon.

 

That agent detailed his investigation in full in the criminal complaint against Benthall, noting that he had attained moderator privileges on a forum that formed after the closure of the original Silk Road site. On that forum, the agent was able to see discussions between users who toyed with the idea of creating a successor site.

 

In May, agents were able to locate the server hosting Silk Road 2.0 in a foreign country, tracing alleged ownership back to Benthall. As the agent wrote: “Based on a review of records provided by the service provider for the Silk Road 2.0 Server, I have discovered that the server was controlled and maintained during the relevant time by an individual using the email account blake@benthall.net.”
http://www.forbes.com/sites/ryanmac/2014/11/06/silk-road-...

well once you get the emailaddress you get anything else, why didn't the guy use a tor emailserver - didn't trust it or lazy - those amateur undercover anonymous activists and wouldbe online gangsters don't really have the knowledge or guts or time to keep their identity anonymous (and so they get caught)

 

and these are the main targets for the next operation because not all of the top five illegal bazaars have been taken offline

"A study by the non-profit Digital Citizens Alliance in September found that the six most popular Tor-based markets by total product listings were Silk Road 2, Agora, Evolution, Pandora, Andromeda, and BlueSky. Operation Onymous captured fully half of those top sites. But Agora, Evolution and Andromeda remain online and will likely absorb many of the refugee buyers and sellers from the law enforcement busts. In fact, Agora had already passed the Silk Road in total product listings with more than 16,000 mostly-illegal offerings, and the fast-growing marketplace Evolution was already on pace to soon take the second place spot in the underground economy. via Andy Greenberg/WIRED
http://leaksource.info/2014/11/09/list-of-dark-market-sit...

but there are more operations to come because the police forces have set up a central command center for this kind of operations

2014-11-07_DarknetActionDay[1]

"The operation fits the objectives of Project ITOM (Illegal Trade in Online Marketplaces), an official Dutch initiative, supported by the European Union, to enhance cooperation between law enforcement and judicial authorities in an effort to hinder the development of online marketplaces.
http://www.deepdotweb.com/2014/11/08/129-seized-onion-dom...

and the goals of this operation are

http://www.deepdotweb.com/2014/09/28/itom-europes-plan-cr...

itommodel

what did you think that you could sell freely for millions of drugs online and that no police force would come to get you one way or another ?

if you read the chart above than you could also have - as a police officer - the following idea - let's shut down all those email and other contactservices on TOR so that they are obliged to use 'public' services to make contact - or set up honeypot torservices with email and so on so you can attract them, follow them and arrest them in another sweep - and if you do it you have another big advantage - that is that people won't trust any TORservice anymore because they don't know if it is a real one or a honeypot from the police (palace of mirrors)

and that is just the biggest problem or advantage of TOR for undercover operations - there is no way any user can know if a service if really anonymous, secure, hosted in an unreachable country or relayed with a real and not a fake relay tor server, operated by the police or not because otherwise TOR wouldn't be as anonymous

By the way the Belgians DO NOT PARTICIPATE in this operation - for now (fccu ? how come ? You have some of the best specialists on TOR it is being said)

Permalink | |  Print |  Facebook | | | | Pin it! |

a bitcoin mining farm on fire ......

they were on first sight only out on the quick buck not ready to invest in real safe infrastructure - just as most of the rest of the bitcoin world with their totally unsafe codes that are being broken faster than it is corrected

and they were really farming in a farm house on farm land (not joking)

they don't have the same rules and controls like the rest of the financial industry even if they have become a real financial (black) industry

https://bitcointalk.org/index.php?topic=521520.msg9451926#msg9451926

because this doesn't look like a real datacenter - more a cannabisplant :)

and this is the result of their non-investment

Permalink | |  Print |  Facebook | | | | Pin it! |

these are the kinds of illegal webshops on ToR that are taken down

so before you think that it is only drugs (sample of 410 webservices on 29 servers  according to the latest account) oh and indexing only illegal services is also illegal (a directory for pedos is taken down also - hoera)

if it is criminal and illegal and has nothing to do with politics 

than you are on the next list to do

Permalink | |  Print |  Facebook | | | | Pin it! |

very few news sites offer full https protection to their readers

at least they could give it to readers from overseas if they don't want to give the protection at their national readers because normally there is no reason to do so but people from outside our western world are running risks for even reading your news sites

and TOR - the anonimity of TOR is being dismantled and the coders are only discovering now that there are a whole bunch of different attack codes, attacks and undercover surveillance relays on their networks and are crying for urgent help to stop the flood and keep their Titanic from sinking (I always found that they should have kicked all these drugbazaars and pedos out of their infrastructure)

source https://freedom.press/blog/2014/09/after-nsa-revelations-...

Permalink | |  Print |  Facebook | | | | Pin it! |

the unsafe gosafe webpage from the university of Ghent proofs that ....

they are making life very difficult for themselves, the programmers, hosters and securitypeople by not putting all the websites on one big platform with the same security and rights and checks and controls

and if this is the case, they don't have any decent monitoring or a decent securityguy looking at his environment because he would have seen this if only he would have monitored zone-h.org for ugent.be (there is a free monitoring service available for your domain)

Permalink | |  Print |  Facebook | | | | Pin it! |

let's give this hacker a gasboete (administrative fine)

Permalink | |  Print |  Facebook | | | | Pin it! |

before launching an ecommerce website, check your code (defaced already)

this is the intention

(and no, there are no minimal securitynorms you have to abide before going online with an ecommerce site - that is only when you open a real business - than you are submerged with papers and controls)

this is the security warning they got and still have

Permalink | |  Print |  Facebook | | | | Pin it! |