privacy - Page 57

  • EU data privacy proposition with data breach notification best thing around

    Twenty-two U.S. privacy and consumer groups have voiced support for a tough online privacy proposal being considered by the European Union, even though some U.S. businesses and government officials have described the proposal as too regulatory.


    The proposal "provides important new protections for the privacy and security of consumers," the groups wrote in a letter sent Wednesday to members of the European Parliament. "We believe that the promotion of stronger privacy standards in Europe will benefit consumers around the globe, as businesses improve their privacy practices and security standards."


    The E.U. proposal could become the global standard for privacy protections online, said Jeffrey Chester, executive director of the Center for Digital Democracy, one of the U.S. groups supporting the regulation. "That's why the U.S. government and our commercial interests are so alarmed," he said in an email. "U.S. businesses would rather dismiss privacy concerns ... even though they have created a powerful system of commercial surveillance on consumers."

  • blackmail or bluff? Did PWC lose Romney's tax returns?

    This is the posting:

    "Dear PricewaterhouseCoopers LLP

    Using your Office @ 830 Crescent Centre Drive, Suite 260, Franklin, TN 37067  Telephone: [1] (615) 503-2860 we were able to gain access to your network file servers and copy over the tax documents for one Willard M Romney and Ann D Romney. We are sure that once you figure out where the security breach was, some people will probably get fired but that is not our concern.

    All major news media outlets are going to be sent an encrypted copy of the most recent tax years that your company had on file since you did not have them all in a convenient electronic form. The years before 2010 will be of great interest to many. If the parties interested do not want the encrypted key released to the public to unlock these documents on September 28 of this year then payment will be necessary.

    The deal is quite simple. Convert $1,000,000 USD to Bitcoins (Google it if you need a lesson on what Bitcoin is) using the various markets available out in the world for buying. Transfer the Bitcoins gathered to the Bitcoin address listed below. It does not matter if small amounts or one large amount is transferred, as long as the final value of the Bitcoins is equal to $1,000,000 USD at the time when it is finished. The keys to unlock the data will be purged and whatever is inside the documents will remain a secret forever.

    Failure to do this before September 28, the entire world will be allowed to view the documents with a publicly released key to unlock everything.

    Bitcoin Address to Stop Release:


    And at the same time, the other interested parties will be allowed to compete with you. Those that DO want the documents released will have a different address to send to. If $1,000,000 USD is sent to this account below first, then the encryption keys will be made available to the world right away. So this is an equal opportunity for the documents to remain locked away forever or to be exposed before the September 28 deadline.

    Whoever is the winner does not matter to us.

    Bitcoin Address to Promote Full Release:



    Reference to avoid Fakes that only you will have.

    PWC declared that this isn't the case, so, as with Reckzo and his 1 million Visa accounts, they will now have to show something or shut up. In any case there will be an investigation by the Secret Service and, if caught, they face a long sentence (even if it is a bluff). It should also be clear to people holding or working with documents of important political, financial and economic persons and institutions - even if the work is only administrative - that they are a very real target for even very advanced underground groups whose only goal is to blackmail them in the best case, and to publish everything in the worst case.


  • Dutch iPad users in the Apple UDID leak of 1/12th of the database

    we have found Dutch names in the one million release

    this means there will be other Europeans among them, and if not in this file, then in the bigger one

    so the problem is becoming European

    because what is an FBI man doing with a file with personal info of an iPad user from the Netherlands, without a warrant?

    yes, what the hell is he doing with this

  • the 7 dangerous media myths about the Apple UDID debacle

    1. You can check if your UDID is compromised

        No you can't: only 1 million have been published from a database of 12 million. The number of 24 million is probably just a rumor that hasn't been confirmed by enough other sources. This is out of a total of 140 million Apple devices.

        So if you are in it, then you know, but if you aren't, you know nothing

    2. Is there other information out there

        Some of the UDIDs were accompanied by other personal information, but that has been cleaned from the release. Anonymous still have it.

    3. The FBI is listening on these devices

        This is a presumption, but there is no evidence, even if commercial spyware like FinSpy would do the trick with this information to capture everything on the phone

        The FBI said that it as an organisation didn't have that file and didn't use it, so it was probably some file he got on a freewheeling basis that couldn't be used for official business (so what was the business?)

    4. Anonymous knows where the data came from; some say from Apple or something linked to it, but others say it comes from a server

        For the moment nobody knows and everything else is speculation. It could even have come from Apple, because the agent was also working for an organisation that is a platform for private and public partnerships in intelligence and cyberforensics.

    5. How long had the data been stolen before being published

        Since March, and it is now September, so what happened in between? For sensitive operations one will have to go back to that date to search for penetration and data loss

    6. Is the machine of Obama included

        There is a name, but you can give yours whatever name you want, so maybe someone thinks he is the real president. No confirmation, and a simple FBI agent running around with a database of 12 million UDIDs with the one of the President of the US somewhere in between in the same file is hardly believable

    7. Are new machines also compromised

        The theory is that the new machines since January 2012 have no or a different UDID and that those owners would have less to worry about than the others (still more than 100 million, which makes it a chance of roughly 1 out of 10)

    more links and info will be published on my twitterstream

  • check your Apple ID here to see if it is in the one million

    if you don't like it, you can type in only a part of it

    and remember there are about 12 million in the hands of the FBI and Anonymous (whoever you like or dislike the most), sometimes with personal info and, for iPhones, your tokens

    If you are on it, then depending on your info, your use, your position and the data, you should take the necessary steps, beginning with contacting the security officer of your firm or office

    If you are not on it, then you still may be on it; await more information about the source of the database

    Apple stopped using this technology at the beginning of this year, they say

    for a network or firm with high security needs:

    * throw it away

    * check the logs starting from March, when the data was stolen

    * trust Apple again?

  • Java exploit attacks increasing and no patch in sight

    Over the weekend, researchers at the SANS Institute’s Internet Storm Center and security firm Websense separately warned of new email phishing campaigns that direct users to rigged websites that take advantage of a widespread Java vulnerability that became public in late August. One, discovered by SANS, impersonates a Microsoft email regarding a real change to Microsoft’s terms of service announced last week. Another, spotted by Websense, spoofs an Amazon order confirmation email.

    read the story about the FBI agent who lost a file with 12 million Apple IDs and personal info to know what can happen

    disable Java for the moment

    website developers who are stuck with Java will have to think about non-Java alternatives as failover for when Java fails again

  • where it all began and why changing email addresses after leaks IS important

    remember the story when hackers could intercept an Interpol teleconference about hackers and publish the material? the fact is that they intercepted the invitation email in February (not difficult with 50 million email logins stolen since last year) and since then they have sent the different agents an email with every new exploit for a new vulnerability

    and one has clicked on it and has given access to his pc and to the files that are published now

    the question is also why they are published today when they have been intercepted since March, and what has happened to the data since that moment - was it already used for other attacks? (so very secretive and financial networks should go back to March in this case)

    the 40 agents that were targeted are now published, just to be sure that they will change their email addresses

    Since that original e-mail list is all over the Internet, and the addresses should all be changed anyway, I'm reproducing it here for reference:

    MIME-Version: 1.0
    acceptlanguage: en-US
    Accept-Language: en-US
    Content-class: urn:content-classes:message
    Subject: Anon-Lulz International Coordination Call
    Date: Fri, 13 Jan 2012 19:21:49 -0000
    X-MS-Has-Attach:
    X-MS-TNEF-Correlator:
    thread-topic: Anon-Lulz International Coordination Call
    From: "Lauster, Timothy F. Jr."<>
    To: "Reichard, Gerald A." <>,
        "Gillen, Paul G" <>,
        "Gallagher, Colm" <>,
       <>, <>,
        "Helman, Bruce C. Jr." <>,
        "Sporre, Eric W." <>,
        "Buckler, Lesley" <>,
        "Geeslin, Robert C." <>,
        "Plunkett, William R." <>,
        "Roberts, Stewart B." <>,
        "Brassanini, David" <>,
        "Stangl, Christopher K."<>,
        "Patel, Milan" <>,
        "Ng, William T." <>,
        "Adams, Melanie" <>,
        "Culp, Mark A." <>,
        "Arico, Nicholas J." <>,
        "Tabatabaian, Ramyar" <>,
        "Penalosa, Jensen" <>,
        "Bales, Will" <>,
        "Burton, Kevin C." <>,
        "Nail, Michael A." <>,
        "Grasso, Thomas X." <>,
        "Thomas, Christopher T." <>,
        "Caruthers, John" <>,
        "Phoenix, Conor I." <>,
        "Hunt, Chad R." <>,
        "Willett, Bryan G." <>,
        "Patrick, Kory D." <>

    when your email is published you should change it when you are in that function

    this is why emails with names for such attackable targets are not a good idea

    another option is to oblige them to use webmail and to keep everything blocked and frozen online with no interference with the machines
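As an added example (not code from this blog, and not the leaked message itself, whose addresses are removed above), this is the check the advice calls for: parse the To:/Cc: lists of a leaked header the way a mail client does, list the addresses in a domain you administer so those mailboxes can be renamed and their owners warned about follow-up mails, and point out which of them carry a person's name. The header block, names and addresses are constructed; the `example.gov` / `example.org` domains and the first.last heuristic are assumptions.

```python
"""Flag which of an organisation's addresses appear in a leaked header block.

Added example, not code from the blog or the leaked message. The sample
header below is constructed in the same shape as the leaked invitation
(display names of the form "Last, First" with quoted commas).
"""
from email import message_from_string
from email.utils import getaddresses

# Constructed sample: a raw header block ending with the blank line that
# separates headers from the (absent) body.
SAMPLE_HEADERS = """\
MIME-Version: 1.0
Subject: International Coordination Call
Date: Fri, 13 Jan 2012 19:21:49 -0000
From: "Organiser, Olivia" <olivia.organiser@example.gov>
To: "Doe, Jane A." <jane.doe@example.gov>,
    "Roe, Richard" <richard.roe@agency.example.org>,
    <helpdesk@example.gov>,
    "Smith, Sam" <sam.smith@partner.example.com>
Cc: "Doe, Jane A." <jane.doe@example.gov>,
    <liaison@agency.example.org>

"""


def recipients(raw_headers):
    """Unique, lower-cased addresses from the To: and Cc: headers.

    email.utils.getaddresses parses RFC 5322 address lists, so a display
    name such as "Doe, Jane A." is not split on its comma.
    """
    msg = message_from_string(raw_headers)
    pairs = getaddresses(msg.get_all("to", []) + msg.get_all("cc", []))
    return sorted({addr.lower() for _name, addr in pairs if addr})


def exposed_in_domain(raw_headers, domain):
    """Recipients that belong to `domain` or one of its subdomains."""
    domain = domain.lower().lstrip("@")
    hits = []
    for addr in recipients(raw_headers):
        _local, _, host = addr.rpartition("@")
        if host == domain or host.endswith("." + domain):
            hits.append(addr)
    return hits


def named_mailboxes(addresses):
    """Addresses whose local part looks like first.last, i.e. the kind of
    person-named mailbox the post argues targetable staff should not use
    (assumed heuristic: a dot in the local part)."""
    return [a for a in addresses if "." in a.split("@", 1)[0]]


if __name__ == "__main__":
    hits = exposed_in_domain(SAMPLE_HEADERS, "example.gov")
    print("exposed in example.gov:", hits)
    print("person-named mailboxes to rename:", named_mailboxes(hits))
```

Run it against a saved copy of the header (`message_from_string(open(path).read())` in place of the constructed block) once per domain you are responsible for; the `.endswith` check is what picks up sub-agency domains such as `agency.example.org` when you pass `example.org`.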

  • get the 1 million Apple ID file, and what other info does Lulzsec have?

    "there you have. 1,000,001 Apple Devices UDIDs linking to their users and their APNS tokens.
    the original file contained around 12,000,000 devices. we decided a million would be enough to release.
    we trimmed out other personal data as, full names, cell numbers, addresses, zipcodes, etc.
    not all devices have the same amount of personal data linked. some devices contained lot of info. others no more than zipcodes or almost anything. we left those main columns we consider enough to help a significant amount of users to look if their devices are listed there or not. the DevTokens are included for those mobile hackers who could figure out some use from the dataset.
    file contains details to identify Apple devices. ordered by:
    Apple Device UDID, Apple Push Notification Service DevToken, Device Name, Device Type."

    so they have 12.000.000 Apple device IDs, of which a certain number come with all the personal info, and they can identify the kind of Apple machine, but they only published 1 million without the personal details

    they also published the DevTokens for the mobiles, so mobile hackers can use them to impersonate you, for example, or make the machine think it should download some malware :)

    this is enormous

    This is the file - for the moment

    Download links:

    first check the file MD5:
    e7d0984f7bb632ee19d8dda1337e9fba
    (lol yes, a "1337" there for the lulz, God is in the detail)
    then decrypt the file using openssl:
    openssl aes-256-cbc -d -a -in file.txt -out decryptedfile.tar.gz
    password is:
    antis3cs5clockTea#579d8c28d34af73fea4354f5386a06a6
    then uncompress:
    tar -xvzf decryptedfile.tar.gz
    and then check file integrity using the MD5 included in the password u used to decrypt before:
    579d8c28d34af73fea4354f5386a06a6
    ^ yeah that one.

    so this is a panic for every security- or high-risk environment with Apple iPhones, iPads or iPods

    there are 11 million others in the blue, some with personal details

    It is not only US-based info and could be linked to a general service (not said yet), and iPhones become hackable in a 'trusted way'.
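The "check your Apple ID here" post above says you can type in only a part of the identifier; the release note gives the column order of the file. As an added example (not code from the blog or from the group that released the file) the block below does that lookup locally against a copy of the file, so the full UDID never has to be pasted into a third-party site, and it treats "not found" as "not in this sample" rather than as an all-clear, for the reason the myths post gives. It assumes comma-separated rows in the order Apple Device UDID, APNS DevToken, Device Name, Device Type; the five rows in it are constructed, not taken from the real file.

```python
"""Look up a device in a local copy of the released UDID file.

Added example, not the blog's or the releasers' code. Assumed format:
comma-separated rows of UDID, DevToken, Device Name, Device Type.
All rows in SAMPLE_DUMP are constructed.
"""
import csv
import io
import re

HEX40 = re.compile(r"^[0-9a-f]{40}$")  # a UDID is 40 hex characters

# Constructed sample in the assumed column order; the last row is
# deliberately malformed to show that bad rows are skipped, not trusted.
SAMPLE_DUMP = """\
0a1b2c3d4e5f60718293a4b5c6d7e8f9deadbeef,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855,"Jenny's iPad",iPad
7f8e9d0c1b2a39485766778899aabbccddeeff00,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b801,Work iPhone,iPhone
c0ffee1234567890abcdef1234567890abcdef12,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b802,"Kid, iPod",iPod touch
1234abcd5678ef901234abcd5678ef901234abcd,e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b803,"Jenny's iPad",iPad
not-a-udid,zzzz,broken row,iPad
"""


def load_dump(text):
    """Parse the rows; return (rows, number_of_malformed_rows_dropped)."""
    rows, dropped = [], 0
    for rec in csv.reader(io.StringIO(text)):
        if len(rec) < 4 or not HEX40.match(rec[0].strip().lower()):
            dropped += 1
            continue
        rows.append({
            "udid": rec[0].strip().lower(),
            "token": rec[1].strip().lower(),
            "name": rec[2].strip(),
            "type": rec[3].strip(),
        })
    return rows, dropped


def find_udid(rows, fragment, min_len=8):
    """Rows whose UDID contains `fragment` (hex, at least `min_len` chars).

    A partial match is enough to answer "is my device in here" without
    handing the complete identifier to anyone.
    """
    frag = fragment.strip().lower()
    if len(frag) < min_len or not re.fullmatch(r"[0-9a-f]+", frag):
        raise ValueError("give at least %d hex characters of the UDID" % min_len)
    return [r for r in rows if frag in r["udid"]]


def verdict(rows, fragment):
    """'listed' means the device is in this copy. Anything else only means
    it is not in the published 1/12th, which is not an all-clear."""
    return "listed" if find_udid(rows, fragment) else "not in this sample"


def count_by_type(rows):
    """Device types in the copy, e.g. to size the set of exposed push tokens."""
    counts = {}
    for r in rows:
        counts[r["type"]] = counts.get(r["type"], 0) + 1
    return counts


if __name__ == "__main__":
    rows, dropped = load_dump(SAMPLE_DUMP)
    print(len(rows), "rows loaded,", dropped, "malformed row(s) dropped")
    print("deadbeef:", verdict(rows, "deadbeef"))
    print("ffffffff:", verdict(rows, "ffffffff"))
    print(count_by_type(rows))
```

For the real file, replace `SAMPLE_DUMP` with the contents read from disk; the `csv` module copes with device names that contain commas or apostrophes because those fields are quoted.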

  • why a hoster should limit the danger of police seizures (Apple ID)

    the person responsible for the popular mobile app Instapaper published the following today

    "Since it was returned so quickly, it’s likely that they determined that it wasn’t part of their target group and wanted to avoid any problems that could have resulted from its continued seizure. While they could have copied the data for future analysis, I believe it’s unlikely that they would have reason to do so. Regardless, I have no way to know what they did (or didn’t do) with it.

    For whatever it’s worth, I have deleted the code, data, and keys from the server and asked DigitalOne to cancel my account immediately. I’m not convinced that they did everything they could to prevent the seizure of non-targeted servers, and their lack of proactive communication with the affected customers is beneath the level of service I expect from a host.

    Many commenters and emailers have taught me that bcrypt and scrypt are better than salted SHA-1 hashes for password storage, so I’m researching them and will begin load-testing with them next week. If all goes well, I’ll deploy one of them and migrate all subsequent logins and password changes away from salted SHA-1 hashes.

    I appreciate the outreach from people wanting to help me fight the FBI or DigitalOne somehow, but that’s honestly the last thing I’d want to do. Even if money were no object, I can’t afford the time or the stress, I’m not looking for any sort of reimbursement, and nothing they say would absolutely assure me (or even the slightest skeptics) that they had zero copies of the data.

    so an official investigation is against a specific server with a specific client and with specific data, not against your whole cloud or whole parts of it or of the back office

    if you don't follow that up, then you will be in a lot of problems (some legal and financial) with the other clients who have become victims of your negligence
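The quoted post says it will move password storage from salted SHA-1 to bcrypt or scrypt and "migrate all subsequent logins and password changes". As an added example (not Instapaper's code) the block below shows that migration pattern: the old hash is still accepted, and the moment a user proves they know the password it is re-hashed with a slow KDF, so the fast-to-crack SHA-1 record can be dropped without forcing a reset. scrypt is used because Python's `hashlib` ships it; the record layout and the work factors are assumptions.

```python
"""Verify a login against a legacy salted-SHA-1 record and upgrade it to
scrypt on the spot. Added example, not Instapaper's code; record layout
and cost parameters are assumed.
"""
import hashlib
import hmac
import secrets

SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1  # assumed work factors (16 MiB)


def legacy_sha1_record(password, salt=None):
    """Record in the old scheme: SHA-1 over salt || password."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.sha1(salt + password.encode()).hexdigest()
    return {"scheme": "sha1", "salt": salt.hex(), "hash": digest}


def scrypt_record(password, salt=None):
    """Record in the new scheme: scrypt-derived 32-byte key."""
    salt = salt or secrets.token_bytes(16)
    key = hashlib.scrypt(password.encode(), salt=salt,
                         n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return {"scheme": "scrypt", "salt": salt.hex(), "hash": key.hex()}


def check(record, password):
    """Constant-time comparison against whichever scheme the record uses."""
    salt = bytes.fromhex(record["salt"])
    if record["scheme"] == "sha1":
        candidate = hashlib.sha1(salt + password.encode()).hexdigest()
    elif record["scheme"] == "scrypt":
        candidate = hashlib.scrypt(password.encode(), salt=salt, n=SCRYPT_N,
                                   r=SCRYPT_R, p=SCRYPT_P, dklen=32).hex()
    else:
        return False  # unknown scheme: never accept
    return hmac.compare_digest(candidate, record["hash"])


def login(record, password):
    """Return (ok, record_to_store).

    A successful login against a legacy record yields a fresh scrypt
    record (new random salt) so the SHA-1 hash can be deleted; a failed
    login leaves the stored record untouched.
    """
    if not check(record, password):
        return False, record
    if record["scheme"] != "scrypt":
        return True, scrypt_record(password)
    return True, record


def migration_progress(records):
    """Fraction of stored records already on the new scheme."""
    if not records:
        return 1.0
    return sum(r["scheme"] == "scrypt" for r in records) / len(records)


if __name__ == "__main__":
    old = legacy_sha1_record("correct horse battery staple")
    ok, new = login(old, "correct horse battery staple")
    print("login ok:", ok, "| stored scheme now:", new["scheme"])
    print("migrated:", migration_progress([old, new]))
```

Because the upgrade only happens on a successful login, `migration_progress` stays below 1.0 for dormant accounts; those records keep their fast SHA-1 hash and are the ones to expire or force-reset after a deadline.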

  • Fon is better than this stupid German proposal

    This suggestion was worked out by a team of researchers led by PhD student Kamill Panitzek from Technische Universität Darmstadt in Germany. The proposal requires the creation of a so-called “emergency switch” which would allow the government staff to turn off the security mechanisms in the Wi-Fi routers from private homes.

    In other words, the first responders will be able to use all the routers within range to increase the capabilities of the mesh networks which let them communicate with each other. The suggestion was laid out in the peer-reviewed International Journal of Mobile Network Design and Innovation, and is currently getting some attention, predominantly thanks to a press release titled “Your Wi-Fi Router Could Save Lives in an Emergency”.

  • about FinSpy, the targeted infostealer working for whoever pays for it

    It was proposed to the Egyptian Mubarak at the height of the protests that ultimately led to his downfall and would have cost no more than 300.000 Euro.

    It is being developed and marketed by Gamma in the UK, who deny it is spyware and that it is sold to dictatorships, because it is marketed to police services to target criminals (which is legal if they follow the procedures and have the oversight)

    It is being used against dissidents in Bahrain who have done nothing criminally wrong.

    It is being installed through a so-called 'update' and is used against all the mobile OSes around (Apple, Windows, BlackBerry, .....) and against normal workstations with different OSes (Windows, Mac, ....)

    It is not detected by standard antivirus installations; you will need a full security package with application controls, behavioural monitoring and so on ...... If you are serious about your online business or your digital information you should spend the extra money to protect it as such.

    It contacts 10 servers around the world in different countries, among which the US and the Netherlands. These have now gone dark after the publication, but there is still the following legal question. Is the hoster responsible for the fact that there is stolen private and confidential (business) information on his server? Is the hoster obliged to contact the police services and give them all the possible information he still has (logs, backups)? If we take into account the European and US legal obligations, this could be the case. And what did the hoster do with the information in the backup?

  • After the terror watch list with a million people on it, the new secret 'inhibited person list' limits international travel

    A lawyer acting for WikiLeaks founder Julian Assange says she was stopped at Heathrow and  told that she was on a secret watch-list and required special clearance before she could board her plane.

    Australian Jennifer Robinson said she was left stunned after being told  by an airline crew that she was on an ‘inhibited person list’ that means she must have ‘done something controversial’.

    Ms Robinson said that she could not understand why she was on the list as she had never done anything controversial or criminal.

    She had only represented clients around the world, one of whom was Mr Assange.

    She added that under Australian law, a citizen does not need special clearance when returning to their own country, regardless of whether they are on any watch-lists.

    Although WikiLeaks supporters believe that the ‘inhibited person list’ may  be a secret US or British watch-list that monitors the international movements of certain individuals, both governments have denied they operate such a database.

    The Australian government has also denied having such  a list. Ms Robinson, 31, said: ‘This incident raises so many questions.

    'Why would I need clearance to travel to my own country? So far I have not had a proper explanation.’

    This is so Kafka, so like his book The Trial, that it is astonishing and so unreal that it is hardly believable

    but possible

    and for newspeak: how can you confirm that such a secret list exists when the most important thing about the list is to deny that it exists, while you will need to use it to give it any purpose, by which you show that it exists

  • #trapwire and the 5 essential questions your internal security should ask the stratfor contacts in your organisation

    this is one of the activities or businesses of stratfor

    "Every few seconds, data picked up at surveillance points in major cities and landmarks across the United States are recorded digitally on the spot, then encrypted and instantaneously delivered to a fortified central database center at an undisclosed location to be aggregated with other intelligence. It’s part of a program called TrapWire and it's the brainchild of the Abraxas, a Northern Virginia company staffed with elite from America’s intelligence community.

    The employee roster at Abraxas reads like a who’s who of agents once with the Pentagon, CIA and other government entities according to their public LinkedIn profiles, and the corporation's ties are assumed to go deeper than even documented. The details on Abraxas and, to an even greater extent TrapWire, are scarce, however, and not without reason. For a program touted as a tool to thwart terrorism and monitor activity meant to be under wraps, it's understandable that Abraxas would want the program’s public presence to be relatively limited. But thanks to last year’s hack of the Strategic Forecasting intelligence agency, or Stratfor, all of that is quickly changing."

    "So: those spooky new "circular" dark globe cameras installed in your neighborhood park, town, or city—they aren't just passively monitoring. They're plugged into Trapwire and they are potentially monitoring every single person via facial recognition"

    the more documents and mails are being released from the 5 million (millions are waiting), the more one becomes alarmed about the way the company worked internally and how it really is the big private worldwide CIA-like operation (which they found amateurish and limited) that nobody knew about

    when you go to the site you will think it is all about international analysis (what are spies otherwise doing), but behind the facade we now see all those people that became contacts at conferences, in publications and in internet exchanges or freewheeling conversations with Stratfor 'operatives', even if those had all other kinds of normal titles (consultant, analyst, publisher, representative, .....). In some mails it even becomes clear that, as internal information was their main business, they used any method possible to get that information (in one mail the boss says they have to use any method against their contacts to get it: financial, sexual, blackmail, threats, promises, whatever....)

    this is a spy agency

    and some of your employees may have been abused or pushed into giving or explaining internal information

    for Belgium, there are public servants, diplomats, politicians and others on their lists (but they could have been just subscribers to their mailing list)

    in any case, someone in your organisation should sit down with the Stratfor contacts and go through all the information (sometimes under sworn testimony)

    * did you only receive Stratfor email briefings and was that your only contact

    * did you go to a conference organised by Stratfor or with speakers from Stratfor

    * did they meet you, did you have a conversation and what was it about

    * did they contact you by mail and can you give us all these emails

    * what information - in full detail - did you give or send Stratfor and were you paid for it (in whatever form)

    * when was the last time you had contact and what was it about

    if you look into this Dazzlepod database (you can search for a specific email address, the one from your network for example, or even for a domain extension like .be, .nl, .... or a name in an email address)

    you will be surprised how many people were caught in the web, even if not all of them were that deep into the dark corners of their spyhole

    if it sounds like spies and it looks like spies and it acts like spies, you should treat it as ..... spies

    and if their contacts were naïve you should tell them so

  • TMF Mobile hacked

    TMF Mobile
    Username. Password. developed by FutureProof.
    TMF Mobile
    Own3d by Group x3. Go To Hell .. administrator idiot. Greetings : Lov3rDns. Shark Hidden | The Lion-Heart.

    both hacked - CERT informed

    what did they do - get the data?

    nobody cares about that? Maybe you do ..... because you are a member

    if you don't ask they won't tell you, or take a certified consultant to set things straight

    complain here

  • will Samsung save the most private and secure mobile phone, the BlackBerry?

    Samsung, the only firm so capable of frightening Apple to death that Apple uses lawyers all over the world to try to stop its products from being sold, is in talks with RIM, which needs to be sold to survive

    if Samsung saves BlackBerry it has in fact two choices

    it saves the firm, and we all rush to the shops to get a BlackBerry if we want to have some really private conversations, and it invests in keeping these conversations safe and private (it has its own network that is fully encrypted). They keep them cheap and easy to use and, in every case, private and secure, which would be the reason to use them as a second phone.

    it saves the technology and incorporates the technology and the separate network in a new phone that you could use for personal use (Samsung normal phone and normal network) and for financial and professional business (another SIM card that goes to a private, separate, fully encrypted BlackBerry network). You choose, or your boss or correspondent chooses.

    or it does both, for everyone's pocket

    but never forget, the only selling point for a BlackBerry is that it is so private and secure and it has its own networks

    all the rest is blablabla and done-that seen-that stuff

  • #leaks are you a member of a porn site? your accounts are targeted for leakage

    they do it by stealing cookies while you surf

    they do it by intercepting the logins through malicious proxies

    they do it by infecting your pc with login-stealing functionality

    they find them in cracked online email accounts

    they hack porn sites for logins

    and then they collect them and dump them online (as they do for file hosting, Facebook and lots of other accounts)

    and if you use an email address or login that can be connected with others or with your real life, then you are f..... you s....

    an example of a posting

    or just search for passwords porn on

    always lucky, or should I say f....y :)


  • #pedohunt will take action at the executive level

    What is the sense of bringing down websites all the time if they can buy domain names with names like boylover, pedowhatever, nakedteens, lolitaporn and whatever

    so while #pedohunt is now trying on one side to pressure hosters and DNS services to stop hosting and helping pedo services (or those that are used as such), it has won one big victory now that (the mother of all .com registrations) has decided to bring together an executive managerial committee to see how they could use their user regulations to block domain names that are clearly used for these illegal purposes, which are even less open to question or discussion than normal porn

    for these reasons it is even advisable that other organisations and lawyers work together with the community to help them use the right terms and use the possibility of bad publicity brought by bigger, known, reputable organisations to bring down those sites with clear pedo services and content

    if this doesn't work, some in the community will do what they may find necessary to do to send a message - even if they may be prosecuted for that (but which judge will punish such an activist who brought down a pedo site because the law or the hoster themselves refused to act (quickly enough))

    of course the first and last thing to do before doing something like that is to inform the qualified police services of the existence of these sites before attacking them (it may help them in their investigations when they can not only bring the site down but also keep all the proof of access and abuse that could be used later in court as evidence). Bringing down a host should be a last resort, if we have really, really tried everything else

    on the other side, the community of activists will need a really anonymous secure dropbox for such information without having to publish it on pastebin

    and also remember, you don't have to see pictures to know it is a pedo site (googledorking already gives you enough information to start with) and not only is it really illegal, it will fuck up your mind (and if you don't have enough self-control, make you react irresponsibly) which I didn't, by the way (for whom it may concern)

    if Twitter has closed down hundreds of pedo accounts and Network Solutions will study how to shut down pedo domains and hosters and online services are starting to investigate how to stop helping those f.... b.... and if the police services start having more secure and anonymous lines of communication (under certain rules), then maybe the only ones breaking the law will be the pedos themselves

    #pedohunt should produce pedohunters in each big internet service 2.0 and in each internet infrastructure provider, who each will make clear that they are being cleaned out and that such services and content aren't distributed or promoted through them

    something to think about

  • sponsored (ad) Start of the training courses of the Belgian Data Protection Institute

    Does a photo of an employee fall under the privacy legislation?

    Do you know what you can, may and above all must do with the personal data in your company?

    Does the privacy legislation seem clear in theory, but do you have reservations about its practical application?

    How is it regulated in Belgium and what is the relation to the other European member states?

    How should we deal with information via social networks?

    Bavo Van den Heuvel and Nicolas Delcroix are starting a new training course for all these questions.

    It is now time. These questions are clarified during the training courses of the Data Protection Institute. These are unique for the Belgian market and answer the question about the do's and don'ts when processing personal data.

    In our 2-day introduction we look at the definitions of privacy and their application in Belgium. In the certification programme for Data Protection Officer, it is discussed in detail how you implement this legislation in your ICT systems, and you are also prepared for the possible execution of the role of Data Protection Officer. This programme covers risk analyses, the application of cryptography, the impact on the human resources domain and of course an approach to user management. Finally, the control or audit techniques are also taught. For the full programme, surf to .

    Because we believe in the future, we also want to limit the ecological impact of training courses. Every participant therefore receives the course material on a tablet on which you can also save notes and which you may keep.

    For our pilot training courses in September there are now launch conditions! Don't hesitate to ask for more info at

    interested in also sponsoring belsec? Interesting deals available, support the security researcher, contact me


  • alerted already about more than 3000 #leaks the last year - RSS feed at your service (but I am not sure it works all the time because some of the RSS feeds of Diigo seem fixed on position instead of adding the last ones (by time))

    the leaks are mostly Belgian or important; not all the leaks and dumps I have found are linked

    most of the links are dead or gone already (or somewhere else)

    the one Belgian leak that impressed me most?

    a blood donor action somewhere in Bruges where all the personal and medical information of only 20 persons was leaked

    another one (not published, but contacted the CERT for that)

    the internal file of a big company with all the personal details of their personnel that was going to take part in a marathon

    the receives an alert most of the time, but I cannot say that they do something with it - sometimes they do, sometimes they don't, saying that it is up to the sites concerned to do the contacting (which they don't; they prefer to keep it covered and silent)

    as with the list of 21.000 Belgian gamers of Gamigo that the received from (because those passwords were broken and were being used and sold in the underworld): they only have to go to because nobody seems to be doing anything useful with that list (even if it should be a good reminder of good password policies and so on). Everybody talks about security awareness and education, but when the shit happens and you have something real that people will remember and will act upon, you do nothing......

    I am sure that you have a lot of other things to do and that you are also doing important stuff, but if you can't handle 21.000 accounts you won't be able to handle hundreds of thousands or millions of accounts once the big breach comes along

    and besides, people are willing to forward information and go the extra mile to help out, but when this happens it will be hard to motivate them again

  • #Anonymous attacks Australian gov and ISP (files and how they did it)

    Since the new data interception laws that are being discussed in Australia, Anonymous has been attacking governmental websites and the ISP AAPT.

    In total 40GB of data has been 'looted', of which about 1.3 is customer data of the ISP (more about that later). There have been no dumps, but clean releases in which there is for example no financial data (even if that data is present and is now in the hands of 'anonymous' outsiders and should be considered unsafe and to be changed).

    the files are disappearing from pastebin and the net but re-appearing on Anonymous websites like here

    and the really interesting file is this one

    "Anyway, so far can present 27mb of compressed data, but most importantly we want to direct your attention to the file dsdweb-tracking.mdb. This file gives us some insights on how the Australian government was monitoring its citizens activity. Let us explain what you see here:


    4/11/2001|9:41:32 AM|538|Regional Development|17|2|Jenny|Rogan||5|4000|2|Mozilla/4.0 (compatible; MSIE 5.01; Windows NT)| 


    These lines show what the Australian government is interested in and what they are tracking. The data below was reformatted but you can view the complete database dsdweb-tracking.mdb in the archive (not linking to direct file since it is 200mb).


    Tracking Fields:


    HitDate - The date the specific Search was initiated
    SearchID- The ID of the search
    PageTitle- The title of the page that was searched
    PageType- They have their own categories of the logging software
    Classification- They classify with their own systems
    Postal Code
    Browser- What browser they were using
    IPAddress - IP address of the user
    HttpReferer - Referer-URL (Previous website, where it was linked from)"

    well, there is more to come, they promise

    oh, and the best I have kept for last: how did they do it

    The government servers were the easiest part, a simple LFI bypass of the authentication

    The ISP AAPT was breached with a ColdFusion exploit that was known, but the ISP said they had forgotten about the server .....

    need I say more?

    if you can expect them, you should prepare for them, and not keep your gates closed but the holes in your wall unfixed