Topic: SECURITY - on March 31, 2008 at 10:29:00 AM CEST
The Curious Case of Dmitry Golubov
Earlier this month, Security Fix took a look at Dmitry Ivanovich Golubov, a Ukrainian politician once considered by U.S. law enforcement to be a top cybercrime boss.
Golubov took rather strong exception to the way he was characterized in that post, denying involvement in any type of cybercrime activity. The problem, Golubov claimed, is that the FBI confused him with someone else.
According to Golubov, he was the victim of identity theft. Someone gained access to his passport, scanned it and posted it online along with a note confessing his involvement in a multinational credit card theft ring. According to Golubov, the note read:
"I Dmitry Golubov, leading hacker, I hack banks, but I have nothing to fear because the police with me at the same time, and in order for you to believe me that I am not afraid I show you my passport, as well as my home address and home phone."
... Link (0 comments) ... Comment
Topic: SECURITY - on March 24, 2008 at 9:54:00 AM CET
SecurityCompass Exploit-Me - Firefox Web Application Testing Tools
Exploit-Me is a suite of Firefox web application security testing tools. Exploit-Me tools are designed to be lightweight and easy to use. Instead of using a proxy like many web application testing tools, Exploit-Me integrates directly with Firefox. It currently consists of two tools, one for XSS and one for SQL Injection.
... Link (0 comments) ... Comment
Topic: SECURITY - on March 16, 2008 at 2:26:00 PM CET
Wikileaks Publishes FBI VoIP Surveillance Docs
The folks on wikileaks have published a new interesting and shocking report: FBI Electronic Surveillance Needs for Carrier-Grade Voice over Packet (CGVoP) Service. The 88 paged document, which is part of the CALEA Implementation Plan was published in January 2003 and describes in detail all needs for surveillance of phone calls made via data services like the internet. Wikileaks has not published any analysis yet, so maybe some of the techies hanging around this end of the internet are interested in taking that one on.
... Link (0 comments) ... Comment
Topic: SECURITY - on February 28, 2008 at 9:55:00 AM CET
British ISPs Hand Over Your Surfing Data To (Former?) Spyware Firm
Earlier this month, we noted that three large UK ISPs had agreed to a questionable deal with a startup named "Phorm." The ISPs would share all of your surfing data with Phorm who would then target advertisements to you based on your surfing patterns. We raised some privacy concerns, and noted that Phorm's claims that it would anonymize the data were laughable, since every "anonymized" data set seems to get quickly de-anonymized. In the comments to that post, one commenter noted that the story was even worse, as Phorm was merely the reincarnation of a spyware firm that had made a rather infamous rootkit.
... Link (0 comments) ... Comment
Topic: SECURITY - on February 23, 2008 at 11:03:00 AM CET
EU wants RFID tags turned off
RFID tags used in retail products will have to be deactivated at the point of sale to protect consumers’ privacy under draft guidelines drawn up by the European Commission (EC).
A public consultation has been launched that will run until 25 April 2008. The EC hopes its recommendations will be adopted by all 27 member states by the summer.
... Link (0 comments) ... Comment
Topic: SECURITY - on February 23, 2008 at 10:28:00 AM CET
cDc automates Google Hacking
Infamous hacking group the Cult of the Dead Cow (cDc) has published a tool that searches for vulnerabilities and private data using carefully-selected Google search queries.
The process of so-called Google hacking is already well known, largely due to the efforts of Johnny "I Hack Stuff" Long, whose presentation on the subject have become a fixture of conferences such as Black Hat. cDc's Goolag Scan allows unskilled hackers or the simply curious to use the same techniques.
... Link (0 comments) ... Comment
Topic: SECURITY - on December 22, 2007 at 8:28:00 PM CET
Ad hijacking Trojan targets Google
The Qhost-WU modifies an infected computer's hosts file, thereby poisoning systems with bogus DNS lookup records. The hosts file matches domain names of websites with corresponding IP addresses. By corrupting the file hackers can redirect surfers to domains controlled by hackers even when users visit a trusted location.
... Link (0 comments) ... Comment
Topic: SECURITY - on December 11, 2007 at 12:45:00 PM CET
Chinese Theft o' the Day: U.S. Weapons Lab Hack
A cyber attack reported last week by one of the federal government’s nuclear weapons laboratories may have originated in China, according to a confidential memorandum distributed Wednesday to public and private security officials by the Department of Homeland Security.
... Link (0 comments) ... Comment
Topic: SECURITY - on December 11, 2007 at 12:28:00 PM CET
Using The Onion Router network
The Onion Router is a great online network that allows you to browse anonymously. By sending your TCP/IP packets through an encrypted network, it ensures that the destination of those packets has no idea who the original sender was. It also makes it difficult to do traffic analysis on your outgoing connection to see what you’re up to - all in all, a great first step on the way to complete online anonymity, for those of you concerned about your privacy.
... Link (0 comments) ... Comment
Topic: SECURITY - on December 5, 2007 at 12:29:00 PM CET
Blind Hacker Says He's No Friend of Convicted SWATters
The FBI is circling around a blind 17-year-old phone hacker in Boston suspected of being the brains behind a gang of phone phreaks who sent police SWAT teams bursting into the homes of party line foes.
... Link (0 comments) ... Comment
Topic: SECURITY - on November 30, 2007 at 1:47:00 PM CET
DHS building handheld lobster spy-beam scanners
The world-famous US Department of Homeland Security (DHS) is working on astounding handheld lobster technology which could let operatives "see through walls, wood, concrete, earth, and steel". Just like lobsters can. (Hold on ...)
An article in the latest DHS Science & Technology Snapshots newsletter entitled "Eye of the Lobster" unveils the new kit, which resembles a handycam with a pistol grip and bulging orange lens on the front.
... Link (0 comments) ... Comment
Topic: SECURITY - on November 24, 2007 at 2:09:00 PM CET
Expert Unveils 'Scary' VoIP Hack
Kurtz'sKompund passed us a link to a Techworld article on a frightening new vulnerability for VoIP. The UK's Peter Cox has put together a proof-of-concept software package to illustrate the flaw, a program he's calling SIPtap.
... Link (0 comments) ... Comment
