No trust without independent control - Page 6

  • #sonyhack should you set up your own corporate DDoS attack army online?

    because this is what Sony is doing - some call it offensive security

    http://recode.net/2014/12/10/sony-pictures-tries-to-disrupt-downloads-of-its-stolen-files/

  • For those who still think that Gorbachev is a democrat and a pacifist.....

    "The former Soviet Union president further said Russia had experienced difficult times after the Soviet Union's collapse and the U.S. had taken advantage of it. Gorbachev said but today was different because Russia is well-armed. He mentioned that it was good to see Russian President Vladimir Putin taking care of security, strengthening the military and developing weapons. He has no doubt that if anything happens, Russia can "hit back."  http://au.ibtimes.com/articles/574603/20141202/russia-gorbachev-ussr-cold-war.htm

    not much different from what Putin is saying

    maybe he is afraid of his status and his pension in this virtual democracy in Russia (it seems it is there, but it isn't, like with the virtual environment you only have to pull the cable out to end it all)

  • #Sonyhack this is why mailboxes should be encrypted and protected if they are business-critical

    "The hackers said the email boxes belong to Steve Mosko, president of Sony Pictures Television, and Amy Pascal, co-chairman of Sony Pictures Entertainment.

    The Microsoft Outlook mailbox files run to several gigabytes and apparently contain thousands of messages sent to and by both executives over several months.

    A handful of the emails, seen by IDG News Service, appear to include discussions between company executives, lists of phone messages that include contact details for executives at other companies, business information, and personal messages to family members http://www.computerworld.com/article/2857272/legal/hackers-contacted-top-sony-executives-before-attack.html

    There is nothing as critical as the mailbox of an engineer or of business management

    but they hardly ever get two-factor authentication, password or encryption protection, let alone automatic archiving to another protected environment when a mail is put in, for example, a 'secure archive' folder

    this is what I personally think: if one puts a mail in a folder 'secure archive' the Exchange server takes them once a day and puts them in an archived but secured mailbox that the owner can only access online and only if he uses specific procedures (possibly a password, specific hardware or a decryption key and so on....)

    so no more old mails that are lost during a hack or leak

    and for the mails of today - one should use the same protection as for important files. Sometimes files are secret on the server and hard to reach but are sent around in mailboxes as if they were candy

     

  • Windows 10 will be the perfect platform for security management for networks

    "The new Windows will also offer a unified user experience across all devices, from PCs to tablets to phones. Microsoft drew closer to that with Windows 8, but Windows 10 will complete the vision. The new OS will also offer a universal platform for developers to deploy apps. That's something even Apple lacks, as its Macs, iPhones, and iPads all operate on different -- albeit similar, in the case of the phones and tablets -- operating systems.

     

    Offering a universal experience in which a phone app closely resembles its tablet and PC counterparts should provide a seamless experience for Windows users as they switch between devices. This will actually expand beyond phones, tablets, and PCs: Nadella said he expects Windows 10 to power even "the smallest Internet of Things devices," offering the same experience across the board. http://www.fool.com/investing/general/2014/12/09/microsoft-wants-shareholders-to-know-these-2-thing.aspx

    now read this from a security point of view 

    you can have in your network the same patching, logging, antivirus and other controls for whatever tool the person is using (desktop, server, laptop, tablet, phone) as long as it is Windows 10

    imagine that, collecting your logs from all the different tools and putting them in one database, being able to follow the attack on a pc, the penetration of his phone and the extraction of his address book and then the attack on someone else in the office or on a server ....

    imagine having one antivirus, one patch management, one application or software management for all your tools

    it is not only developers and programmers who may be able to re-use more or less the same code for apps on tablets that become software on desktops or server-based applications on servers; in the first place it makes it possible for the security industry to now make a real platform for the platform that will give network and security administrators the possibility to cover their whole network, whatever the tool or the location, with the same security solution as long as it works on Windows 10

    this change is as big as the famous memo by Bill Gates about security because this changes security in the networks fundamentally from a fragmented, always-too-late solution to a global solution that, after the migration and the knowledge management, can start to think more preventively and keep attacks from taking place instead of trying to stop or correct them

    of course, there will be new holes, new strategies and new mistakes but that won't offset this revolution that is now only theoretical but - if the security industry has any vision left in their immediate sales visions - also practical. If they don't, then I think that Microsoft will develop and integrate its own solutions for its platform and then you will have all those short-sighted no-risk-takers cry to the European Union and the US administration about a new monopoly and so on. If they want to be ready for this revolution - and help make our digital world much safer than it will ever be possible to make it today - they should start today

    just as the Mozilla browser crashed when Microsoft put all of its intelligence and power behind their IE - now much less attractive than at the time - and the Linux desktop that was going to replace Windows crashed when Windows 7 came, it may be a time of adapt or crash for the too fragmented security industry

    the future is in an overview of everything digital in your network or enterprise and that overview platform is in the making and it is not the totally fragmented Unix market or the confusing Apple market or the even more individualized Android market

    imagine, whatever phone or tablet or desktop you take you have the same stringent security that can be updated anywhere anytime anyhow

    this is also a new security service opportunity for ISPs and other operators
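
    The cross-device log correlation imagined in this post, as an added example (not code from this blog or from any vendor): events from desktops, phones and servers go into one table and the attack is followed from the first user to the contacts taken from an address book. The schema, event names, hosts and users are constructed for the example.

```python
import sqlite3

# Constructed sample events (not real logs). Schema, event names, hosts and
# users are assumptions made for this example. They are deliberately not in
# time order, as they would arrive from different collectors.
SAMPLE_EVENTS = [
    # (timestamp, device, device_type, user, event, detail)
    ("2014-12-10T09:20:03", "PH-ALICE", "phone", "alice", "unknown_app_install", "sync-helper"),
    ("2014-12-10T09:21:47", "PH-ALICE", "phone", "alice", "addressbook_export", "bob, carol"),
    ("2014-12-10T10:40:55", "SRV-FILES", "server", "bob", "login_failed", "from PC-BOB"),
    ("2014-12-10T10:41:30", "SRV-FILES", "server", "bob", "bulk_file_read", "finance share"),
    ("2014-12-10T08:10:00", "PC-BOB", "desktop", "bob", "login_failed", "typo"),
    ("2014-12-10T09:02:11", "PC-ALICE", "desktop", "alice", "malware_detected", "invoice.exe"),
    ("2014-12-10T09:05:40", "PC-DAVE", "desktop", "dave", "patch_installed", "update"),
    ("2014-12-10T09:30:00", "PC-DAVE", "desktop", "dave", "login_failed", "typo"),
    ("2014-12-10T10:15:09", "PC-BOB", "desktop", "bob", "malware_detected", "invoice.exe"),
]

# Event types treated as suspicious in this example (assumed names).
SUSPICIOUS = {
    "malware_detected", "unknown_app_install", "addressbook_export",
    "login_failed", "bulk_file_read",
}


def build_db(events):
    """Load events from every device type into one in-memory table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE events (ts TEXT, device TEXT, device_type TEXT, "
        "user TEXT, event TEXT, detail TEXT)"
    )
    conn.executemany("INSERT INTO events VALUES (?, ?, ?, ?, ?, ?)", events)
    conn.commit()
    return conn


def follow_attack(conn, first_user):
    """Return the suspicious events linked to first_user, in time order.

    The set of tracked users grows when an address book is exported: every
    contact named in that export is followed from that moment on.
    """
    tracked = {first_user}
    chain = []
    rows = conn.execute(
        "SELECT ts, device, device_type, user, event, detail "
        "FROM events ORDER BY ts"
    )
    for ts, device, device_type, user, event, detail in rows:
        if event not in SUSPICIOUS or user not in tracked:
            continue  # routine event, or a user not linked to the chain yet
        chain.append((ts, device_type, device, user, event))
        if event == "addressbook_export":
            tracked.update(n.strip() for n in detail.split(",") if n.strip())
    return chain


def device_types_crossed(chain):
    """Device types the chain touched, in order of first appearance."""
    seen = []
    for _ts, device_type, *_rest in chain:
        if device_type not in seen:
            seen.append(device_type)
    return seen


if __name__ == "__main__":
    db = build_db(SAMPLE_EVENTS)
    for step in follow_attack(db, "alice"):
        print(*step)
    print("device types crossed:", device_types_crossed(follow_attack(db, "alice")))
```

    Bob's mistyped password at 08:10 and Dave's events stay out of Alice's chain, because neither user was linked to the attack at that moment.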

  • #tor buy stolen bitcoin wallets

    they are being stolen

    not sure if this is a scam or not but it is being advertised

  • the only reference to Belgium in the US Senate torture study

    it has long been a known fact that torture only very rarely brings real information

    just reading a book about the Great purges under Stalin (nothing Great among them)

    but sometimes people just don't want to listen to real specialists who will tell you that it won't work with people who are really convinced of their case and willing to die for it and that other people will just invent things only to make you stop

  • new #luxleaks from new sources about Skype, Koch brothers and Disney

    you can read more here http://www.icij.org/project/luxembourg-leaks/new-leak-reveals-luxembourg-tax-deals-disney-koch-brothers-empire

  • #sonyhack digital signatures of Sony used on malware

    source https://securelist.com/blog/security-policies/68073/destover-malware-now-digitally-signed-by-sony-certificates/

    the same that was used earlier by North Koreans against South Korea

    it means that all certificates from Sony will have to be changed - what we said earlier

  • #ukraine now it is Finland that has put her army on a heightened state of alert

    the air traffic over the Baltic, where tensions are now increasing daily http://www.flightradar24.com/RYR75LM/500f160

  • The chairman of the Belgian Privacy Commission on the role of the privacy commission

    Following the Mensura incident I had proposed that I meet the case handler to discuss the various elements and my discovery. This request was discussed in the management committee but rejected for procedural and legal reasons.

    In the email the chairman of the privacy commission - who gives me the right to quote from it - also sets out a number of elements of how the Belgian privacy commission sees its role.

    We can do nothing but wait for the European framework that turns this 'poodle' (if there is no amicable settlement we can do nothing and we have no administrative sanctioning power whatsoever) into a bulldog whose mere appearance automatically makes network and website managers install better security just so as not to get a visit from it.

    This is expected in 2015 -2017, or if the state secretary for privacy finally begins to understand what privacy is and how important it is and, with a few small changes to the law, suddenly does give the Privacy Commission the necessary administrative powers to at least issue warnings and, if these are not followed up, to pull the plug. Just as we close restaurants that are not hygienic, keep cars off the road that are not safe and do not connect electrical installations to the general grid because they are simply badly laid or have logical faults.

    We will keep sending new cases to the privacy commission every time we deem it necessary. That is our role. Next year, by the way, we will set our sights on another body - not to criticise it but to try to encourage it to start using the fullness of its possible powers.

    Legal formalism is not something that will stop our voluntarism. If it were, we would have stopped 10 years ago.

  • Mensura news: some institutions that were customers are NOT affected by the leak

    it turns out that some institutions and organisations refused to use Mensura's online forms for requesting medical checks

    These institutions and organisations are therefore NOT affected by the data leak because they only used email or the safer fax

    Your institution or company is also free NOT to use online forms or procedures that seem unsafe or dangerous to you (test the site, for example, at https://www.ssllabs.com) or that ask for too much information that is in fact not needed or is better not put online

    Several other institutions have NO online form for requesting an additional medical check.

    You are the customer, you can refuse to fill in such an online form. Your union representative can demand in your company or organisation that such online forms are not used (certainly not if your national register number, personal information and medical information are collected online)

    The only exception would be when the application for entering the data is completely separated from the public website and sits behind a VPN with a strong login.

  • what will come in the place of bitcoin ?

    "It wouldn’t be the least bit surprising to see the best bits of Bitcoin be grafted into new products and services (like facilitating international transfers),” said David Yermack, professor of finance at New York University Stern School of Business, to CNN.

     

    “A lot of the breakthrough products tend to get taken over pretty quickly by improved versions and I think that’s likely going to be the fate of Bitcoin. It’s certainly played a role in raising issues and opening possibilities that people were only dimly aware of before. But if I owned Bitcoins, I would be a seller at the current market price as I think a year from now they may be all but worthless.”

    http://www.mintpressnews.com/bitcoin-hype-spent-whats-next-2/199680/

    first they seem to forget that some - even essential parts - of bitcoin (like for example the encryption) seem to have some fundamental logical mistakes which make it insecure an sich. So incorporating parts of bitcoin into new digital currencies that are part of the normal financial systems can introduce some grave mistakes into the normal financial system.

    secondly the biggest advantage of Bitcoin is that it is anonymous but governments all over the world are trying to limit the anonymity of money transfers because they want to receive the right amount of due taxes. So this fundamental part of bitcoin won't ever be incorporated without a backdoor for tax and law agencies. It will also be much easier to follow digital currencies through their CHAIN if there is such a backdoor than with our present ways of paying.

    and last but not least

    bitcoin has shown what the internet has shown in so many other industries and that is that if there is an unfair interference from businesses in a normal process it can and will be replaced by an internet-based direct system. It costs much too much to transfer money around the world - and even across accounts. But I don't see the bitcoin replace the dollar as an international currency. It will be much easier to have a 'digital dollar' with the possibilities of a digital bitcoin than a bitcoin with the financial trust of the dollar.

    and so

    there will always be anonymous digital currencies because there is a reason for them to exist and if you use them for that reason (to give anonymously to support causes for example) whatever the value of the bitcoin at any moment. But it will never become a real investment product (except as pure speculation with the risk of losing nearly everything) because it is insecure, prosecuted by law agencies and not supported by any financial institution.

    if you use bitcoin, use it to do something with the same value you have bought it 

  • java is the low hanging (rotten) fruit of the Google App engine

    "According to the security firm, the flaws can be exploited by attackers to achieve a complete Java VM security sandbox escape, as well as to execute an arbitrary code. The researchers estimate that the number of issues is "30+ in total."

     

    By exploiting the vulnerabilities, security researchers were able to bypass Google App Engine whitelisting of JRE Classes and gain access to full JRE (Java Runtime Environment). They discovered 22 full Java VM security sandbox escape issues and were able to exploit 17 of them successfully.

     

    Moreover, the researchers were able to execute native code, specifically to issue arbitrary library/system calls and to gain access to the files (binary/classes) comprising the JRE sandbox. They even siphoned off DWARF information from binary files, PROTOBUF definitions from Java classes and PROTOBUF definition from binary files among others.

     

    However, the researchers have been unable to finish their research because Google suspended their test Google App Engine account.

    http://thehackernews.com/2014/12/google-app-engine-hosting-security.html?

    it is a bit cloudy with heavy storms expected in some programming and security departments while it will be icy in the management departments of Google App Engine

    sunshine is expected later this week when the security researchers and Google exchange their results and start working on solutions

    I never liked Java because I think it is too open and too insecure and maybe I will like it when they change course the way Microsoft did one day and become more closed, better monitored and with a huge security infrastructure and a set of clear procedures and frequent updates 

  • #regin is espionageware from the NSA say those two researchers

    "Prins, the researcher whose company was hired to investigate the Belgacom hack, has no doubts. Based on Snowden documents leaked last year and the analysis that his company has done of the Regin malware, Prins said he is fully convinced that the NSA and the GCHQ are behind Regin.

     

     

    UNITEDDRAKE and STRAIGHTBIZARRE are codenames of NSA programs, according to leaked documents. While those codenames are not mentioned in the malware, Prins explained that their description in the Snowden documents matches with "the functionality of parts of the Regin framework."

     

    Kaspersky researchers, however, did find codenames of a somewhat similar style inside parts of the Regin malware.

     

    http://mashable.com/2014/11/25/regin-spy-malware-nsa-gchq/

    except if this is done to fool everybody and it is the Russians installing it to follow the mobile phones of NSA agents in the Middle East  

    it seems logical but it is not because it seems logical that in the spyworld this is the right answer - it is a normal and a fast answer but not necessarily the only possible answer 

    except in this case these infections at Belgacom coincide with the Snowden files that come from the intranet of the NSA - so there are two independent sources

  • #regin was responsible for the #Belgacomhack says Fox-IT in this article

    "This is why the recent disclosure of Regin is so disquieting. The first public announcement of Regin was from Symantec, on November 23. The company said that its researchers had been studying it for about a year, and announced its existence because they knew of another source that was going to announce it. That source was a news site, the Intercept, which described Regin and its U.S. connections the following day. Both Kaspersky and F-Secure soon published their own findings. Both stated that they had been tracking Regin for years. All three of the antivirus companies were able to find samples of it in their files since 2008 or 2009.

     

    So why did these companies all keep Regin a secret for so long? And why did they leave us vulnerable for all this time? To get an answer, we have to disentangle two things. Near as we can tell, all the companies had added signatures for Regin to their detection database long before last month. The VirusTotal website has a signature for Regin as of 2011. Both Microsoft security and F-Secure started detecting and removing it that year as well. Symantec has protected its users against Regin since 2013, although it certainly added the VirusTotal signature in 2011.

     

    Entirely separately and seemingly independently, all of these companies decided not to publicly discuss Regin’s existence until after Symantec and the Intercept did so. Reasons given vary. Mikko Hypponen of F-Secure said that specific customers asked him not to discuss the malware that had been found on their networks. Fox IT, which was hired to remove Regin from the Belgian phone company Belgacom’s website, didn’t say anything about what it discovered because it “didn’t want to interfere with NSA/GCHQ operations.”

     

    My guess is that none of the companies wanted to go public with an incomplete picture. Unlike criminal malware, government-grade malware can be hard to figure out. It’s much more elusive and complicated. It is constantly updated. Regin is made up of multiple modules—Fox IT called it “a full framework of a lot of species of malware”—making it even harder to figure out what’s going on. Regin has also been used sparingly, against only a select few targets, making it hard to get samples. When you make a press splash by identifying a piece of malware, you want to have the whole story. Apparently, no one felt they had that with Regin.

    http://www.technologyreview.com/view/533136/antivirus-companies-should-be-more-open-about-their-government-malware-discoveries/

    we have information that there are newer versions of Regin and that there would also be a Regin version for Linux and Unix machines - but as you should have understood from the article above - our sources are not allowed to talk nor to give us such versions

    but Fox-IT said so also because it calls Regin something that is made up of modules and something that is a platform and that nobody has all the different parts

    this is why a working group Regin would have to be formed between the different biggest security companies

    the sensationalistic stories from the AV companies that have come out with some information pose more questions than they give answers and should make us feel safe because they discover some files, some destinations or some functions of the virus

    at the same time some antivirus software seems to be much stricter about the processes of normal software and is causing big problems in a complicated network with an enormous list of different old and diverse software, because it is starting to block processes and files that it didn't even look at before

    this means that the functionality of whitelists and program management is a necessary part of any security package that you would install nowadays in your business-critical environment

  • some infected .be domains that should be cleaned (there are a lot of .eu domains)


    https://www.linkedin.com/groupItem?view=&item=5947476674869231619&type=member&gid=2677290&trk=eml-b2_anet_digest_weekly-hero-9-grouppost-0&midToken=AQGp6q-sNRDBFA&fromEmail=fromEmail&ut=3Pyl6mhlUgE6w1