03 September 2011

Could a Cyberwar Take Out WikiLeaks? | #cyberwar #hackers #espionage

A massive release from WikiLeaks of the entire unredacted database of U.S. diplomatic cables has brought renewed vigor to those calling for the government to take decisive cyber-action against what some have described as a terrorist organization.

"The latest release of stolen American secrets by the organization WikiLeaks once again proves that they are a terrorist operation that puts the lives of Americans and our allies at risk," U.S. Rep Candice Miller (R-Mich.) said in a statement in response to the latest leak.

Read full article: http://bit.ly/nrzeGk

SCADA system safeguards | #plc #cisp #stuxnet

SCADA systems automate the control of industrial systems, such as oil and gas pipelines, wind turbines and nuclear power plants. The Stuxnet virus raised the profile of SCADA systems by infecting the programmable logic controllers (PLC) in an Iranian nuclear power plant.

SCADA systems were developed with an isolated network assumption. The network operates with a simple Modbus communication protocol over serial lines. As a result, the simple "request – response" protocols leave these systems vulnerable since they cannot differentiate between legitimate requests from a human-machine interface or malicious requests from infected systems.

Read full article: http://bit.ly/oSkqeG

Leader of federal cybercrime panel gets 'skimmed' | #bankfraud #skimmers #ATM

ATM "skimmers" are sophisticated enough that they can even trick someone like Durkan, the chair of the Justice Department's Cybercrime Subcommittee.

"The thieves are very clever," she said. "What they've done is created devices they just slip over ATM machines, gas station machines, anywhere that takes a credit card."

Read full article: http://bit.ly/pIexgp

'Anonymous' defendants plead not guilty to PayPal hacking | #LULZSEC #AntiSec #cybercrime

Title: 'Anonymous' defendants plead not guilty to PayPal hacking
Link: http://bit.ly/pRKCZS

We didn't leak names of US agents, insists WikiLeaks | #hackers #infosec #diplomacy

WikiLeaks has sprung a "leak" that has reportedly resulted in the availability of unredacted copies of US diplomatic cables, according to German media outlets. WikiLeaks has admitted some sort of unspecified infosec problem while denying suggestions that its cache of US diplomatic cables has been exposed.

The whistle-blowing website has published carefully edited extracts of the cables in conjunction with its media partners since last autumn, creating a huge diplomatic and political fuss in the process. These extracts were carefully edited to remove sensitive data such as the names of US spies and informers.

Read full article: http://bit.ly/r2EfSF

DHS warns of planned Anonymous attacks | #hackers #AntiSec #DDoS

The U.S. Department of Homeland Security today issued a somewhat unusual bulletin warning the security community about the planned activities of hacking collective Anonymous over the next few months.

The bulletin, issued by the DHS National Cybersecurity and Communications Integration Center (NCCIC), warns financial services companies especially to be on the lookout for attempts by Anonymous to "solicit ideologically dissatisfied, sympathetic employees" to their cause.

Read full article: http://bit.ly/q4gsrF

Hackers target top cops in Texas | #anonymous #Leo #texas

A cyber attack on the email accounts of Texas police chiefs revealed the vulnerability even of the state's top cops and appears to have prompted a new investigation into a notorious hacking group.

The stealthy group known as Anonymous claimed responsibility for "Texas Takedown Thursday." The email accounts of 25 members of the Texas Police Chiefs Association were compromised and their contents posted online.


Read full article: http://bit.ly/n0ZV4m

02 September 2011

Apple Security poses as SFPD and threatens man with ICE for iPhone 5 | #apple #iphone #SFPD

Calderón said that at about 6 p.m. six people -- four men and two women -- wearing badges of some kind showed up at his door. "They said, 'Hey, Sergio, we're from the San Francisco Police Department.'" He said they asked him whether he had been at Cava 22 over the weekend (he had) and told him that they had traced a lost iPhone to his home using GPS.

At no point, he said, did any of the visitors say they were working on behalf of Apple or say they were looking for an iPhone 5 prototype.

Calderón, an American citizen who lives with multiple generations of family members, all of whom he said are staying in the U.S. legally, said one of the men also threatened his relatives about their immigration status. "One of the officers is like, 'Is everyone in this house an American citizen?' They said we were all going to get into trouble.'"


--
Read full article here: SF Weekly

View complete blog here: CYBERWAR_NEWS

Read CYBERWAR NEWS MORNING REPORT for daily news updates



Did Apple Security pose as SFPD to search home for missing iPhone prototype? | #SFPD #Apple #iPhone

A Bernal Heights man says that six officials claiming to be San Francisco Police officers questioned him and searched his family's home in July for a lost iPhone 5 prototype they asserted had been traced to the residence using GPS technology.

The man's statements to SF Weekly in an exclusive interview add significant new twists to the unfolding story of the unreleased iPhone 5 that was reportedly lost at a San Francisco bar this summer.

--
Read full article here: SF WEEKLY

View complete blog here: CYBERWAR_NEWS

Read CYBERWAR NEWS MORNING REPORT for daily news updates



TripAdvisor's Fake Reviews Sickness Goes Critical | #srrp #yelp #seo

TripAdvisor, the leading online travel reviews site in the world, is now under investigation by the UK's Advertising Standards Authority (ASA) over concerns reviews from travelers may be illegitimate. A formal investigation has reportedly been launched on the heels of complaints TripAdvisor's reviews problems have reached monumental levels.

Some 45 million visitors rely on TripAdvisor each month for travel information, reliable reviews of venues for travelers, not to mention those businesses that rely upon TripAdvisor for what can be a veritable gold mine of bookings. For some time the website has been questioned as to the validity and origins of many of their 50 + million user reviews. Most agree there is too much room for tampering with the reviews by hotel and other business owners who might create false identities and pump up their own review stats. According to Kevin May over at Tnooz, this current investigation came about because of complaints by Kwikchex, a reputation management consultancy.

Read full article: http://bit.ly/nrn2Xw

Has LulzSec hacker Kayla aka @lolspoon been arrested? | #anonymouSabu #antisec

Two men were arrested yesterday by the Metropolitan Police Service's Central e-Crime Unit in connection with cyber attacks executed by hacktivist groups Anonymous and LulzSec.

Aged 20 and 26, the two men were picked up at separated addresses in Mexborough, Doncaster, South Yorkshire and Warminster, Wiltshire, and have been detained. The house at the Doncaster address has additionally been searched for evidence and the police has sized the found computer equipment in order to perform forensic examination on it.

According to the statement issued by the police, these arrests may have been an attempt to hunt down the LulzSec member that goes under the handle Kayla.


--
Read full article here: HELP NET SECURITY

View complete blog here: CYBERWAR_NEWS

Read CYBERWAR NEWS MORNING REPORT for daily news updates



01 September 2011

Conference addresses the legal issues of "active defense" during cyberattack | #cyberwar #hackers #APT

The rise in cyber attacks continue to increase in frequency and sophistication. Attacking the source of the cyber attacks is illegal, but in instances where the source is known and there is no collateral damage it may be occurring under the guise of active-defence.

Due to the rumoured use of active-defence, this issues is one of the core elements to be discussed at the 2nd National Cyber Warfare Conference on 14/15 September 2011 in Canberra. A roundtable at the conference will examine:

Read full article: http://bit.ly/oW5lXk

N.Korea Steps Up Hacker Attacks on S.Korean Firms | #cyberwar #infosec #hackers

North Korea attempts up to 250 million indiscriminate cyber attacks on government agencies and private corporations in South Korea per day, said an official with the National Cyber Security Center under the National Intelligence Service last Thursday.

"In the past, the North focused its cyber terrorist attacks on major government agencies, but it has recently been expanding attacks on the civilian sector, including finance, aviation, transportation, and electric power," the official added.

Read full article: http://bit.ly/qJsPsx

Expert says UK cyber-spooks are too preoccupied with launching attacks | #cyberwar #infosec #apt

Cambridge professor says only 10 per cent of UK's cyber security war chest is devoted to defence

A security expert has claimed that the UK is devoting most of its cyber crime fighting efforts to cyber attack, leaving limited resources for defence.

Speaking exclusively to ComputingRoss Anderson, professor of security engineering at the Cambridge University computer laboratory, stated that 90 per cent of the government's recent funding injection into cyber security was going to the UK's offensive capability.

Read full: http://bit.ly/nX0ObL

Feuding agencies agree to disagree on cybersecurity | #DHS #NSA #cyberwar

Since the Sept. 11, 2001, terrorist attacks, years of bureaucratic battles among federal agencies over primacy in cybersecurity — mostly between the Department of Homeland Security and the National Security Agency — seem to have settled into a working, if not always perfect, relationship. But it may be that an imperfect system is the best we can hope for, given the nature of the Internet.

Read full article: http://bit.ly/px466H

Hackers Break Into Linux Source Code Site | #kernel #fedora #infosec

As Linux fans know, there are two kinds of hackers: the good guys who develop free software, such as the Linux kernel, and the bad guys who break into computers.

The bad guys paid the good guys an unwelcome visit earlier this month, breaking into the Kernel.org website that is home to the Linux project. They gained root access to a server known as Hera and ultimately compromised "a number of servers in the kernel.org infrastructure," according to a note on the kernel.org website Wednesday.

Read full article: http://bit.ly/nSHtsC

Hackers hit Hollywood | #Wikileaks #anonymous #infosec

A new hacker gang is in town, and it's not after government secrets. Instead, it's going after movie scripts, Twitter accounts, and juicy secrets in the entertainment industry.

The group "Hollywood Leaks" has been breaking into entertainment industry insiders' email accounts for the last few weeks and disclosing their findings, news blog Gawker reported.

Read full article: http://bit.ly/pFgg6w

31 August 2011

Rule stiffens penalties for hackers | #china .#cyberwar #apt

Starting on Thursday, hackers who broke into 20 or more computers will face jail terms of up to seven years, according to a new judicial interpretation issued jointly by the China's Supreme People's Court and Supreme People's Procuratorate.

People who hack from 20 to 100 computers, or steal from 10 to 50 user names and passwords for online-payment or stock accounts, will get at least three years in prison. And those who hack even more computers or steal more passwords will face jail terms of up to seven years.

Read full article: http://bit.ly/mVfvw2

IT Security Pros Worry About APTs, but Can't Change User Behavior | #itsecurity #infosec

While security professionals are worried about targeted attacks against their company, IT professionals are not putting enough safeguards in place to defend against them, according to a new report. In many businesses, employees are allowed to indulge in risky IT security behavior even through it leads to data breaches from the outside.

About 60 percent of IT and security professionals in the United States, Canada and Europe claimed their main concern was being hit by an advanced persistent threat (APT), according to the Bit9 Endpoint Security Survey, released Aug. 30. Insider threats, such as an employee posting sensitive information to external sites such as WikiLeaks, were the second most important, at 28 percent.

Read full article: http://bit.ly/rtT6bp

Beijing curbs online dissent by menacing social network's owner | #weibo #socialmedia #communism

In a country where Twitter and Facebook are banned, the microblogging website of choice for 200 million Chinese is Weibo, but tightening restrictions on dissent mean that this platform too is on the wrong side of the vast system of control known as "The Great Firewall of China".

Fearful of the spread of Middle East-style protests against authoritarian rule, and of any destabilising influences ahead of a change of leadership next year, Beijing has been asserting itself among online outlets.

Read full article: http://bit.ly/qWmktI

McAfee Defends Its Position on Operation Shady RAT | #infosec #antivirus #cyberwar

Earlier this month, tech security firm McAfee issued a report, in which it revealed an attack that has been compromising organizations since 2006. The report is called Operation Shady RAT and is said to have infected at least 72 organizations across 14 different countries.

What's more is that the victims have been government agencies, defense contractors, and organizations such as the International Olympics Committee. From the report, it appears that the attacker, which McAfee calls a "nation state actor," was going after information regarding diplomatic, economic, and military issues such as valuable intellectual property or trade secrets.

Read full article: http://bit.ly/oYqh6o

McAfee Blew Shady RAT Analysis, Kaspersky Says | #antivirus #infosec #cyberwar

A war of words has emerged over McAfee's Shady RAT report, which traced the use of a set of remote access tools to a series of online attacks.

Eugene Kaspersky, CEO of Kaspersky Lab, alleged Thursday that McAfee--and in particular, Dmitri Alperovitch, McAfee's threat research VP and author of the report--purposefully mischaracterized the seriousness of the threat he found.

"We conducted detailed analysis of the Shady RAT botnet and its related malware, and can conclude that the reality of the matter (especially the technical specifics) differs greatly from the conclusions made by Mr. Alperovitch," said Kaspersky, in hisblog post, titled "Shoddy RAT."

Read full article: http://bit.ly/pW5C9H

Police demand media's UK riot footage | #media #london #freepress

BRITISH newspapers and broadcasters have come under pressure from the London Metropolitan Police to hand over all videos and pictures related to the London riots last month.

ITN, which produces ITV News and Channel 4 News, The GuardianThe Times and also the BBC are among the media organisations resisting efforts by Scotland Yard to obtain footage filmed during the riots that ''could show crime in action''.

Read full article: http://bit.ly/ouKviA

iPhone 5 prototype lost at Mexican bar and then sold on Craigslist for $200 | #apple #stevejobs

I'm starting to wonder about these guys in Palo Alto - CW_N

Whoops, it happened again.

CNET is reporting that Apple has lost another iPhone prototype, just like it did with the iPhone 4 last year.

We're not entirely confident in the story, as a lot of the information seems to come from a source with no affiliation to Apple or the police department that's supposedly investigating the matter.


Read more: Business Insider



View complete blog here: CYBERWAR_NEWS

Read CYBERWAR NEWS MORNING REPORT for daily news updates



BART protests fizzle after swift police action outside stations | #SFBART #OpBART #transit

One of the protesters who was arrested spoke to the crowd with a megaphone before crossing into the paid area of the station, announcing that BART administration, and not protesters, were responsible for the previous weeks' station shut downs.

The protesters had gathered surrounding the fare gates, which BART has said is a free-speech zone. The demonstrator addressing the crowd used a ticket to pass through the gates, and told the crowd he was about to "test" that principle.

Read full article: http://bit.ly/ojcKSF

BART battles hackers, both sides lose | #OpBart #transit #SFBart


Sparks have been flying here in Cringeville of late. It must be all those inflammatory topics I've been tackling.

But judging by the flames shooting out of my inbox, my post about the battle between hackers and the Bay Area Rapid Transit systemgenerated the most heat.

Read full article: http://bit.ly/pPPK5l

DEA says it has taken out Utah cell of Mexican drug cartel | #drugwar #Sinaloa #CBP

Federal drug agents say they have "decimated" a Utah-based cell of one of the world's most powerful drug cartels.

With the arrest Tuesday of seven suspects — including some bosses — an outlet of the Sinaloa cartel is "out of business," said Frank Smith, assistant special agent in charge of the Drug Enforcement Administration Utah operations.


Read full article: http://bit.ly/ngbGAG

Not Even a Hurricane Is as Bad as an EMP Attack | #Irene #nuke #solarflare

Hurricane Irene hit the East Coast and left more than 6 million homes and businesses without power. Transportation services were disrupted as a result of the hurricane. More than a million people got an idea of what it would be like if the United States were attacked by an electromagnetic pulse (EMP) weapon. An EMP would cause current and voltage surges and burn out the semi-conductor chips of all electronic devices within the line of sight. An EMP is a high-intensity burst of electromagnetic energy caused by the rapid acceleration of charged particles caused by nuclear weapons, non-nuclear weapons (radio-frequency weapons), or geomagnetic storms (often called space weather).

Read full article: http://bit.ly/or3WXX

Security tester uses Google for DDoS | #hackers #cyberwar #infosec

On the IHTeam Security Blog, Simone Quatrini, also known as R00T.ATI, demonstrates how users can make Google's servers act as a proxy to fetch content on their behalf. Quatrini has written a shell script that will repeatedly prompt Google's servers to make requests to a site of the attacker's choice, effectively using Google's bandwidth rather than their own.

Read full article: http://bit.ly/ngqJlr

DDoS Attack Sends Wikileaks.org Website Down | #hackers #amazon #infosec

Ironically, many DDoS attacks have been carried out in the name of Wikileaks since the site began gradually leaking 250,000 classified government documents last year. Attacks on PayPal, MasterCard and Visa (to name a few) saw the websites crashed in all cases, the only company to survive an attack from hackers was bullet proof Amazon.com.


Read full article: http://bit.ly/rt1VI6

NSF Funds Search for New Computer Virus Defense | #malware #crimeware #hackers

The battle against computer viruses is nothing less than an arms race, according to UT Dallas computer scientist Kevin Hamlen, but he may have hit on a decisive advantage: What if you could identify the enemy not just by analyzing its appearance but by anticipating its actions?

That's the idea behind a five-year, $500,000 project funded by a Faculty Early Career Development Award from the National Science Foundation.

Results from the research will lead to powerful new strategies, concepts and practical tools that give defenders a significant new advantage in the virus-antivirus arms race," he said.

Read full article: http://bit.ly/nevFWk

Nations With Low Malware Rates Have Better ISPs | #infosec #hackers #CERT

Countries with good national security teams (CERTs) and diligent ISPs show consistently lower rates of malware infection than those states that adopt a less paternalistic approach to security, a new analysis byMicrosoft researchers has suggested.

According to statistics drawn from the company's widely-used Malicious Software Removal Tool (MSRT), the countries which have shown notably lowerinfection rates of malware are Austria, Finland, Germany, and Japan.

Read full article: http://bit.ly/nAa27J

Android Devices Exposed: 7 Ways to Thwart Hackers | #Samsung #malware #google


Take a deep breath. There's a new report out highlighting a huge spike in threats against Google's Android platform. Yes, it's something to be concerned about. But don't freak out or return your cool new Samsung Galaxy Tab.

Mobile threats are rising, but actual attacks against smartphones and tablets are still a tiny fraction of the number of new threats that target your PC, and to a lesser extent, your Mac. And remember the law of big and little numbers. When a number is small, it doesn't take a huge addition to pack a big percentage change.

Read full article: http://bit.ly/r2tbD4

30 August 2011

Anonymous and LulzSec case: police fly to US to gather hacking evidence | #Topiary #AntiSec #FBI

British police officers have flown to the US to gather evidence of computer hacking that could be used in the prosecution of two UK teenagers suspected of carrying out online attacks on behalf of Anonymous and LulzSec.
Jake Davis, 18, from the Shetland Islands, and Ryan Cleary, 19, from Wickford, in Essex, will appear in January before Southwark crown court in London charged with attacks on websites including the Serious Organised Crime Agency (Soca).
Read full article: http://bit.ly/rnl36e

Did LulzSec exposes alleged child porn traders? | #anonymousabu #hackers

There appears to be some discrepancy in our earlier post regarding LulzSec and exposing a child porn site.  An early article seemed to indicate that AnonymouSabu and the remnants of LulzSec seem to be taking a turn for the good as they allegedly exposed and took control of a child porn trader website http://bit.ly/pfoPaR

However, recent claims by Justice Duck (Twitter: @_Golden_Rule_) seem to indicate that this may have been a fraud perpetrated by some LulzSec copy cats.  Justice Duck posted his investigation here.

Justice Duck seems to think that this hack was perpetrated by some LulzSec copy cats, possibly to give Sabu and the other yet-to-be-arrested LulzSec alum some good PR.  I personally do agree with the copy cat theory but I don't think Sabu was really involved it this nor do I believe that this action is going to counterbalance the months and millions of dollars of damage caused by LulzSec.  Would love to hear my readers opinion on this issue What do you think?


DFAS Cybersecurity Survey Results | #Military #DoD #infosec

In July, CTOvision.com created and distributed a survey on the new proposed Defense Federal Acquisition Regulation Supplement (DFARS) to safeguard unclassified Department of Defense information on contractor networks. After receiving responses from government, industry, and academia, we've summarized feelings and expectations towards the policy below. Of the respondents, 73% said that they were familiar with DFARS, so we believe we hit a good community with our survey. Additionally, about a third of the respondents reported that they were security executives, and another third said they were practitioners. It is good having inputs from both those groupings. A quarter of respondends were in government and three fourths came from industry and academia.

Read full article: http://bit.ly/oX1dwh

The Apache Web Server's Not-So-Secret Weakness | #hackers #infosec #security

If you thought the hacks by Anonymous and AntiSec were bad, boy, are you in for a revelation.

This past week brings news that the Apache Web server -- the one that powers the majority of the Internet and most websites -- has a vulnerability that can be exploited with relatively little effort.

The Apache Software Foundation has been working on a fix and has, in the meantime, put out some mitigations that it admits are just stop-gap measures.


Read full article: http://bit.ly/qAao4W

A flash mob law for Maryland? | #socialmedia #flashmob #twitter

Montgomery County officials concerned about flash mob robberies, not content tosimply denounce such behavior, like some local leaders, are reportedly seeking to enact new laws which would specifically punish such criminal activity. Reports the Washington Times:

Montgomery County Council member Craig Rice said lawmakers are in discussion with the state delegation on the possibility of introducing legislation in next year's General Assembly session to specifically address crimes committed as part of a mob. [...] "I think that the message is clear: You've got a community that's come together and is saying that we no longer are going to tolerate things like this happening," Mr. Rice said Friday, as police announced charges against many of the youths involved. "We have to make a stand and show that our community, the Germantown community, is a growing community that is safe."

Read full article: http://bit.ly/qdj5jE

The evolution of flash mobs from pranks to crime and revolution | #OpBART #SFBART #hactivist

CW_N note: Not sure the BART protesters would call themselves a "flash mob".  Interesting article about the subject nonetheless.

They had instructions to carry masks, wear black and converge en masse to foment chaos at specific times and places. They were divided into green, yellow and red risk categories. They were compartmentalized into cells to avoid compromising the secret master plan.
They weren't terrorists, but a so-called flash mob that BART spokesman Linton Johnson said was hell-bent on disrupting train service on Aug. 11.
Such flash mobs — seemingly spontaneous gatherings of people organized by mobile phones and social networks — can range from cute forums for creative expression to a powerful tool in the anarchist playbook. From the protests of BART and the so-called Arab Spring to recent U.S. flash mob robberies and the organized looting in London, 2011 is shaping up as the year of the flash mob.


Read full article: http://bit.ly/qhGg0X

FAKEAV Distribution - Increasing Due to New Linking Unit | #crimeware #russia #antivirus

Affiliate.gifIt is expected that soon the distribution of FAKEAV (fake antivirus software) will grow rapidly due to new connection made to cooperative payment processors.

The spread of fake antivirus programs has been going down, because of the pressure exerted on the payment processors. Without such processors to perform the credit card transactions for cyber criminals, FAKEAV becomes non-profitable for their creators. Researchers think that with the innovations rolled out, the FAKEAV business will flourish.

Read full article: http://bit.ly/pe50NS

Gaddafi Could Seek Refuge in Croatia or Serbia? Not Likely |#NTC #NATO #Libya

Unless captured by the rebels and tried or even killed before the trial, among the handful of countries in which Libyan leader Colonel Muammar Gaddafi could seek political asylum are two former Yugoslav republics, namely Croatia and Serbia – at least according to Libyan rebel representatives.

Over the weekend, Libyan National Transition Council (NTC) member Fatima Mahmoud said that Gaddafi could seek asylum in Chad, Algeria, Burkina Faso, Nicaragua, Venezuela, Croatia or Serbia.

This suggestion by the Libyan rebels is rather uninformed. Firstly, all the countries of the former Yugoslavia have recognized the NTC as the legitimate representative of the Libyan people. Secondly, neither Gaddafi nor his associates could seek refuge in Serbia or Croatia as the process of granting them asylum would mean directly opposing both the US and the EU, which neither country is willing to do; neither could afford this politically or economically.

Read full article here: ISA INTEL

View complete blog here: CYBERWAR_NEWS

Read CYBERWAR NEWS MORNING REPORT for daily news updates



Libyan rebels mass for assault on Sirte | #arabspring #ghadafi #TNC

Libyan fighters have been massing outside of Muammar Gaddafi's hometown of Sirte, preparing for an assault against Gaddafi loyalists if negotiations with tribal elders fail to peacefully transfer control of the town over to the new rebel government.

Rebel fighters were organising units advance towards Sirte from both Ras Lanuf and Bin Jawad in the east and from Tripoli and Misrata to the west.

"We will move further, but we will not enter Sirte now because it is not secured so far - there are ongoing
negotiations between tribe elders in Sirte and rebel leaders and we are receiving orders from our field
commanders and we are waiting for their commands," rebel fighter Taleb al-Karaty told the Reuters news agency.

Read full article: http://bit.ly/n1vBmB

Fake Facebook Page Targets Pro-Revolution Syrian Users | #Syria #hackers #SEA

The Information Warfare Monitor (IWM) has uncovered an attempt to use a fake URL and login page to lure Facebook users into providing their login credentials. Given the nature of the content being linked to, this appears to be an attempt to target pro-revolution Syrian Facebook users. The link (hxxp://facebook.com-video-php-v222423423.homsrev.webgoof.com/video/video.php) attempts to mimic the URL and login page of Facebook, as seen in Figure 1. It has been distributed through multiple Syrian Twitter accounts, which describe the content as a "fascinating video clip showing an attack on Syrian regime". The use of Twitter accounts to distribute malicious links is a common tactic and has been documented by past Information Warfare Monitor research.

Read full article: http://bit.ly/o8tdy3

Anonymous Compares BART Protests to Libyan Uprising | #OpBART #SFBART #protest

SF Weekly chats with an Anonymous activist who -- for obvious reasons -- wanted to remain anonymous. But name or no name, this person gave us some insight as to why the organization released risque photos of BART spokesman Linton Johnson and what commuters can expect in the future. 

Here's what they had to say in a brief electronic chat with SF Weekly

Read full blog: http://bit.ly/mR2Vry

Червь Koobface распространяется через торренты | #хакеров #мошенническое #Facebook

Исследователи в области информационной безопасности обнаружили новую версию червя Koobface, которая для своего распространения использует торренты. Старая версия этого червя распространялась через сайты социальных сетей.

Koobface, появившийся в 2008 году, на сегодня остаётся одним из самых старых и успешных активных компьютерных червей. Изначально червь распространялся по социальным сетям MySpace и Facebook, но впоследствии перешёл и на другие.


Читать всю статью: http://bit.ly/qz6Z3V

From the Makers of “Gaddafi is Killing His Own People” Doha Studio Presents | #psyops #Libya #arabspring

"...The blood of the Americans is flowing like rivers through the streets of Bagdad!" - Bagdad Bob during the Iraq invasion.

Surpassing previous mass media fabrications, both in scale and boldness, yesterday morning's Al Jazeera mise-en-scène will surely go down in history as one of the most cynical hoaxes committed by corporate media since the manipulated pictures of Iraqis topplying Saddam Hussein's statue after the US invasion in 2003.

On the morning of August 22nd 2011, Al Jazeera aired a 'live' report from Green Square in Tripoli,which claimed to show the capture of the Libyan capital by rebel forces. Scenes of jubilation and euphoria enveloped Al Jazeera's reporter Zeina Khodr as she declared: " Liya is in the hands of the opposition"

Read full post: http://bit.ly/qMAP2N

29 August 2011

Facebook pays out $40K to hackers over three weeks | #whitehat #socialmedia #security

 Three weeks afterlaunching a bug bounty program that pays Web hackers cash for finding flaws with its website, Facebook said it has paid out more than $40,000 in rewards.

Read full article: http://bit.ly/orKNco

The 13 Psy-Ops Against You | #infowar #cyberwar #DoD

Six months ago, Rolling Stone's Michael Hastings reported that the "U.S. Army illegally ordered a team of soldiers specializing in "psychological operations" to manipulate visiting American senators into providing more troops and funding for the war," in his article "Another Runaway General: Army Deploys Psy-Ops on U.S. Senators."

The reality that psychological operations play a big part in our 21st century, media-saturated society is rarely discussed in the print and television media, for obvious reasons. So I was very happy that Rolling Stones was shedding some light on the mental battlefield that politicians, soldiers, journalists, military generals, geopolitical analysts, think tank elitists, and citizens all live on in this century.

Read full article: http://bit.ly/qE00bd

Masked Protesters Aid Time Warner's Bottom Line | #guyfawkes #anonymous #hackers

Interesting story on how much money Time Warner makes selling the Guy
Fawkes mask.

Read full article: http://bit.ly/pgG7QK

Wireless Penetration Testing: Not Just For Hackers | #infosec #wifi #security


Read full article: http://bit.ly/qLHP7B

Skolkovo in the USA | #cybersecurity #itconsulting #Russia

The Skolkovo research center is taking a selection of its top IT companies to the United States in a road show it hopes will bring a fresh wave of investment to the Russian hi-tech sector.

The eight companies chosen to take part on the trip will be paraded at Silicon Valley in late September to early October in the hope of securing some much needed capital for Russia's poorly-funded IT industry.

Read full article: http://bit.ly/oGWHfD

On cyberwarfare, do we need PLA transparency or accountability? | #hackers #APT #shadyrat

With exquisite timing, the Pentagon released its annual China military report on Wednesday just as Chinese state television broadcast a documentary trumpeting the PLA's cyberwarfare capabilities. For those following security issues in Asia, there was nothing particularly new in the Pentagon report. It noted the challenges posed by China's new doctrine of maritime power projection, plans for multiple aircraft carriers, the new J-20 stealth fighter, and PLA interest in cyberwarfare (exclamation point helpfully provided by CCTV). Nor was there any real news in the delay of the report, which is also an annual event because of the tedious but necessary bureaucratic process of ensuring the contents are credibly presented.

Read full article: http://bit.ly/pyHW3R

China says to get tougher in fight against hacking | #cyberwar #infosec #apt

BEIJING (Reuters) - China's Supreme Court and prosecutors office will step up the fight against computer hacking by toughening penalties for those caught doing it, state media said on Monday.

Under rules coming into effect from September 1, people who "knowingly purchase, sell or cover-up illegally obtained data or network control will be subject to criminal penalties," the official Xinhua news agency cited a statement as saying.

Read full article: http://bit.ly/o1QK6C

Hackers used 'Job offer' email to breach RSA's security | #APT #hackers #china

'Very sophisticated attack', as RSA had called the March hack attack, turned out to be a targeted email to EMC employees, says computer security firm

Hackers working for a "nation state" used a targeted 'job offer' email to EMC employees to breach the security of RSA to steal military secrets from US arms supplier Lockheed-Martin, according to F-Secure.

Read full article: http://bit.ly/oaAE8h

Cybersecurity: How can I steal from Thee? Let me count the ways. | #hackers #infosec #cybercrime

I have been thinking a lot about the security challenges related to the Internet lately. Partly this is because I was at the same workshop on cybersecurity that David Ignatius summarized in a recent column. And partly it is because I keep reading stories like this one in Vanity Fair or thisWashington Times piece or this one in the LA Times, which highlight how new technologies might be putting our national wealth and perhaps security at risk.

A common thread in recent reports is the credible allegation that China is engaged in a systematic effort to use cyberwar techniques to steal massive quantities of information -- military and foreign policy secrets, valuable intellectual property, and other information of special value to the regime -- and that collectively this theft constitutes a national security threat of the first order.

Read full article: http://bit.ly/rgtjZy