all posts in the 'Legal Issues' category


UK Hacker Gary McKinnon Loses Appeal Against Extradition

So the latest news in the Gary McKinnon case was that he was trying to fight against extradition. He started off with Appeals against US Extradition, then he Won The Right to Lords Appeal Extradition Hearing, and then he lost the Lords case and went for the European Court.
Sadly it seems he lost his appeal [...]

Webcam Hacker Jailed for 4 Years for Spying on Teenager

Another one bites the dust, this time for spying on a teenage girl via webcam. 4 years is a reasonable sentence this time I think as the case borders on many offenses such as blackmail, indecent behaviour, infringement of privacy, unlawful access and probably a few more.
It was a pretty simple hack as it goes, [...]

TJX Credit Card Hackers Busted - Largest US Data Breach

We reported on this case back in September 2007, the largest US data breach in history so far (45 million customer records!).
It seems like finally the people behind it have been busted, 11 people have been charged by US authorities.

The US authorities have charged 11 people in connection with the theft of credit-card details in [...]

UK Hacker Gary McKinnon to Fight Extradition

For some of the long time readers, you might remember we’ve been covering the case of the UK Hacker Gary McKinnon for quite some time. The last post was about a year ago though in August 2007 when he Won Right to Lords Appeal Extradition Hearing.
The first post on the case was over 2 years [...]

San Francisco Mayor Regains Control of the Network

In the story we recently covered where Terry Childs had locked San Francisco officials out of their own network, there is a new development.
He’s handed over the passcode to the Mayor, Gavin Newsom. It seems he came to his senses and he also seems to have VERY little faith in the IT administration for the [...]

San Francisco Officials Locked Out of Their Own Network

Another disgruntled IT worker causing mayhem, remember the guy that destroyed all the medical records?
He got a pretty hefty sentence, now we have another who has locked everyone out of the new ‘state of the art’ computer network in San Francisco - he’s on a $5 million bail so I’d say he’s in big [...]

Google to Reveal YouTube Viewing Details to Viacom

Now this is an interesting privacy related case to think about over the weekend, Google has to reveal viewing details for YouTube to Viacom.
Anyone who has EVER watched a YouTube video, that’s pretty extreme. Luckily most people are using dynamic IP addresses, so it shouldn’t be too much of a concern.
Unless of course they decide [...]

Botmaster Robert Matthew Bentley AKA LSDigital Sentenced

Another one bites the dust with another reasonably hefty sentence, this time a botherder or botnet master.
Just under 4 years and a big chunk of change as a fine, I guess he probably has plenty of cash stashed somewhere though. These guys can really rake it in with their mass infectors of doom.

A US-based hacker [...]

Disgruntled IT Worker Gets Heavy Prison Sentence

It just goes to show, however smart you think you are…don’t bother trying to wreck someone’s data. In this case, even if the guy was pissed it was highly irresponsible as it involved medical records and could actually seriously affect someone’s life.
He was pretty careful but left a few clues behind, more than enough for [...]

16 Year Old Indian Hacker Busted for eBay Scam

Looks like India has them moving into the hacking scene young, it’ll happen anywhere with decent network infrastructure and disparate levels of economy. Look at Eastern Europe and China as other examples, India though due to its outsourcing culture and plentiful legitimate jobs in the IT industry doesn’t seem to suffer so many problems with [...]

Don’t Sweat or Scratch Your Face Whilst Flying

If not, the magic camera in the sky might think you are a terrorist and a squad of crack F16s might be dispatched to blow up your plane..
Don’t go to the toilet too often too, or walk around too much…or do anything really. Better just sit in your seat with a blank expression on your [...]

TJX Employee Fired for Trying to Fix Things

Ah TJX in the news again….after previously having the Largest Breach of Customer Data in U.S. History, now they are screwing people over that try to help them and their seemingly ridiculous information security policies.
Hello blank passwords? Sounds crazy but I believe it happens, at more places than just TJX. It’s sad that someone who [...]

UK to Become Even More Draconian with Privacy Laws

Oh dear, UK going backwards again. A bad case of Big Brother syndrome and once again under the blanket excuse of efforts against terrorism.
Please! That’s so old and tired now, do governments seriously think they can keep infringing people’s privacy and rights under the same old guise? Strike terror into the public by continually telling [...]

Three Charged With Hacking Dave & Buster’s Chain

Another big heist in the US netting a whole lot of juicy information on credit and debit cards, over half a million USD lost in this case alone. There’s a whole lot of fraud going on..
Not bad for fiddling with the cash register system of a restaurant chain. It just shows, anyone dealing with financial [...]

US Really Owns Your Data Now!

A while back we reported how US customs owns your data, now it’s getting even worse. 10 days ago the US appeals court gave them rights to COPY all your data without notice even if there are no suspicions.
Anyone want to talk about dilution of intellectual property? Privacy? Or just basic human rights..

In a letter [...]

Russia Heavy Handed Registration for Wifi

It seems like Russia wants to keep a tight rein on things, anything with Wifi capability must be licensed! That includes your phone…imagine having to apply for a permit to have a wireless AP at home?
Rather ridiculous no?

Business travellers to Russia might want to keep their laptops and iPhones well-concealed - not from muggers, necessarily, [...]

Microsoft Opens the Gates to Hack Their Web Services

It seems like Microsoft are starting to get serious about security, in a very progressive move they have said they are ok with ethical hackers finding security flaws in their online services.
It’s been fairly ok so far to hack away at software installed on your own hardware, but hitting remotely hosted applications has been a [...]

Australia to Follow the UK in Terminating Content Pirates

It seems like most countries are getting more serious about illegal downloading and the protection of intellectual property, after the UK recently proposed disconnecting ‘pirates’ from the Internet - Australia is now considering following suit.
I guess this is just the start, laws will become more heavy handed and draconian as most of it is [...]

Teenage Bot Herder Admits to Infecting Military Computers

Hacking for money again? Well not really in this case, more like script kiddying for money - modifying an ‘off the shelf’ malware/bot package to evade detection and then cashing in on spamware affiliate fees.
I guess they could have made much with a 400,000 bot network - by renting it out for DDoS attacks to [...]

Hacking Does Pay! US Law Lets Hacker Keep Fraudulent Earnings

Ah I think it’s time for controversy on a Tuesday, what do you think about this case where a hacker got some info on a company about its soon to be plummeting share prices by breaking into their computer? By investing $41,000 in stock option trading on the shares that were about to drop - [...]

US Customs Owns Your Data?

Ok here’s something controversial for you guys to digest, there has been anecdotal evidence of US Customs seizing laptops before and examining the data…but it now seems to be rather more widespread.
It’s a little worrying to me how a government can just rummage through your data when you are totally innocent and they don’t even [...]

UK Government Set to Make ‘Hacking Tools’ Illegal

This is sad news, it seems the UK is considering following the lead of the Germans and their recently implemented hacking law 202(c) regarding the making of ‘hacking tools’ illegal.
It’s almost like making baseball bats illegal because you can hit someone with it, doesn’t matter it’s made for playing sport and that’s what most people use [...]

WabiSabiLabi Pimping ClamAV Vulnerability & Exploit

Interesting, a new arena for marketing spin and sales talk - the auctioning of exploits.
WabiSabiLabi is pushing hard for a good price for a ClamAV vulnerability and exploit that it has gotten hold of, it’s dosing it up with a good portion of spin to make it seem like the next big thing - I [...]

Wi-Fi Jacking Extremely Common (45% of People Do!)

It seems Wi-Fi jacking is actually extremely common, in fact in a recent poll up to 45% do it! I guess most people here have, I admit I do, even with my phone when I’m out and about I’ll use any WiFi point that works.
We can blame it on the manufacturers for having lax default security [...]

‘Security Consultant’ Caught for Running Large Botnet

Apparently he stopped his naughty activities back in 2006, but still…a guy that is supposed to be securing machines was installing malware and had a botnet totaling about a quarter of a million zombies.
Mostly used for info gathering, Paypal accounts and installing Malware for commission, he claims to have made $19,000 in a week installing TopConverting [...]

MPAA Hacker Robert Anderson Revealed

This story reads like something from one of those glamourised Hollywood ‘hacker’ movies like Swordfish or Antitrust.
The legendary MPAA hacker has been revealed, and it looks like he himself got social engineered and dumped…he should have realised when you are playing with unscrupulous people you are setting yourself up to get screwed.

Promises of Hollywood fame [...]

Web Integrity Checker - ISPs Inserting Ads Into Web Content

A while back it was discovered that some ISPs have taken to inserting ads into web pages you are viewing, these are ads from the ISP you are using (AND PAYING FOR) not ads from the content provider or site that you are viewing.
Some ISPs are resorting to a new tactic to increase revenue: inserting [...]

Police to Monitor Indian Cyber-Cafes

It seems India are getting serious about terrorist activities being co-ordinated via the Internet, they are starting to run extremely deep surveillance on many cyber-cafes in Mumbai.
The solution appears to be some kind of ‘legal’ trojan system that will collect logs and send them to the police.

The Mumbai police will soon have khabris deployed (not [...]

Cyber Crime Toolkits Go On Sale

This is not exactly new news either, these kinds of toolkits have been on sale for a long time, virus generators, trojan toolkits, now they are getting more polished, more streamlined, more expensive and more easily available.
News of them is hitting the mainstream media..

Malicious hackers are producing easy to use tools that automate attacks to [...]

New German Hacking Law 202(c) - Sites Close & Possible Backfire

This has been floating around for a while and you might have noticed a warning on some German based security sites that they’ve had to move their tools due to this new legislation known as 202(c) - a couple of examples are KisMAC and Phenoelit.
Basically the new law prohibits manufacturing, programming, installing, or spreading software [...]

TJX (T.J. Maxx and Marshall’s) Largest Breach of Customer Data in U.S. History

This case has been going on for a while but obviously hush hush, being that it is the largest breach of customer data in U.S. History. The details of the case have only started emerging in the last couple of months.
Information Week published a good article covering what has been going on recently.
Amazing the amount [...]

Voting Machines Lose to Hackers Again

I’m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed.
Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely a positive step to increase security in voting applications.
Now [...]

France Complaining of China Hacks Too

After the recent fiasco about the Pentagon being Hacked by Chinese Military another few governments have piped up with information about cyber surveillance by China.
The latest is France.
It seems like right now China has its fingers in many pies.

France has become the fourth country to speak out against hackers in China [...]

Caller ID Spoofing to be Made Illegal in the USA

The US Congress recently approved a bill that will make it illegal to spoof Caller ID in the USA.
A while back the FCC announced they wanted to crack down on Caller ID spoofing as it was still too easy.

The amount of the forfeiture penalty (…) shall not exceed $10,000 for each violation, or 3 times [...]

German Hacker Successfully Clones E-Passports

So the latest news is that the RFID chips in electronically enabled passports are NOT encrypted, which bright spark came up with that idea?
Ok so you implement ‘more secure’ RFID passports, and leave all the data in plain text for anyone to tamper with - nice!
So what do you think they are gonna do about [...]

NASA Hacker Gary McKinnon Wins Right to Lords Appeal Extradition Hearing

As we followed the Gary McKinnon case quite closely whilst it was happening, here’s the latest update.
At least he seems to be getting a break in the case as he’s won the right to have his extradition case heard by the House of Lords.

Gary McKinnon, the ex-systems administrator accused of conducting the biggest military hack [...]

OpenMusic - Free Music for a free World

What is open music?

Open Music is music that is shareable, available in “source code” form, allows derivative works and is free of cost for non-commercial use. It is the concept of “open source” computer software applied to music.

And it has a license as source code programs have too. Even more it comes under 2 [...]

Michigan Man Fined $400 for Using Coffee Shop’s Wi-Fi Network

Well this is a harsh turn of events, a while back an ‘ethics expert’ said Wifi Jacking is OK, now this poor guy has got pretty harshly screwed for using an open wireless connection from a nearby coffeeshop.

A Michigan man has been fined $400 and given 40 hours of community service for accessing an [...]

Legal to Unlock Cell Phones Since November 2006

As with the UK, many phones in the US are sold under contract and are given at very discounted rates or even free in some cases if you sign a contract for a year with the service provider.
Before that it was illegal to unlock your phone but finally in November 2006 it came out in court [...]

Blu-ray DRM Cracked Already?

It didn’t take them long! A while ago some smart chaps worked out a way to extract the HD DVD and Blu-ray Disc “volume keys” to decrypt AACS DRM on individual films (This was about 2 months ago).
Now they have cracked the scheme behind it, the so called “processing key” used to decrypt the [...]

Logic Bomb Backfires on Hacker Employee

Ah the logic bomb, a source of humour for many due to its frequent showing up in ‘hacking’ movies, and its complete misuse.
ZOMG THE LOGIC BOMB IT’S GONNA PWN US ALL!

A former UBS PaineWebber employee was sentenced to eight years in prison on Wednesday for planting a computer “logic bomb” on company networks and betting [...]

Class President Hacks School Grades

Ah the old mythical tale of hacking your school to change your grades to straight A’s, well I know people do it, I’ve seen it in the past…but now someone has actually gotten caught for it.
And what’s more..he’s the senior class president!

Cooper City High School’s senior class president was arrested Tuesday and charged in [...]

Pentagon Hacker Gary McKinnon Appeals against US Extradition

It seems like it’s getting really serious in the Gary McKinnon case, he’s facing what looks like his last appeal against the US anti-terror law case against him for hacking some NASA systems by guessing the weak passwords.
Not like he’s really a terrorist, or did any damage…he did something very stupid though, bruised the ego [...]

Some Relaxing on the DMCA Regulations

There seems to have been some slight relaxation on the DMCA regulations lately, which is a good thing for the majority of people!
There have been many grey cases and sadly most have fallen on the side of the big corporations, finally something on our side!

The U.S. Copyright Office specified new rules Wednesday allowing cellphone [...]

Awareness of Phishing is on the Up - But so are Monetary Losses

It seems like phishers are changing their tactics to those similar to spammers, rather than going for big targets and mass mails they are turning to more wealthy customers and fewer but larger bounties.
Imagine if they can nail a few big ones, they are set.

Online fraudsters are turning their attentions away from large banks and [...]

Save Your Reputation Online with ReputationDefender

This is a pretty interesting idea and for once it addresses a real requirement. A lot of stories have hit the press about people getting fired or ‘dooced’ because of stuff online or not even getting jobs because of something found on MySpace.
So up pops a company that is willing to protect your reputation online.

The [...]

Spamhaus & e360 Battle is Heating Up

The battle is heating up between the spammers e360 and the anti-spam warlords Spamhaus, some say the Internet may meltdown if Spamhaus stops its service..
Some estimates say 80% of spam is stopped by Spamhaus and e-mail could suddenly shoot to a server melting rate if their service is pulled.

The legal battle between antispam organisation Spamhaus [...]

Anti-Spyware Groups Still Require Legislation

Cyber and computer laws are always a grey area, they tend to be very vague and don’t cover specific technologies.
Spam is a good example, look at how long we’ve been getting spammed, and it’s been a SERIOUS problem for at least the last 5 years, spam legislation has only started coming into effect in [...]

California Passes Wi-Fi Security Guidance Law - War-Driving going down?

It seems like war-driving may become a thing of the past, legislation is starting to happen.
It’s a good start though, you have to target the manufacturers to educate their users, not target the users as they don’t care, sometimes ease of use has to be traded a bit with security.

California legislators have passed a law [...]

DOE Hit By Hackers and Covered Up

Ahah! More government cover-ups? This one was a while back too.
Digging on those archives right now yah.
A hacker stole a file containing the names and Social Security numbers of 1,500 people working for the Energy Department’s nuclear weapons agency, scary eh?
The US government security really does scare me sometimes, their internal departments have some of [...]

Former Hacker Irks Microsoft in EU Dispute

Ah the anti-trust battle continues, good to see someone with technical skills involved, I wonder how the case is coming along, I haven’t heard about it for a while.
Again this is quite an old story.

As an expert witness on digital crime, British computer consultant Neil Barrett has helped prosecutors in the United Kingdom convict murderers [...]

What Responsibility do Anti-Spyware Researchers Have?

Ethical debates are always interesting, and people have gotten in trouble lately for reverse engineering and various other branches of research.
This is a fairly old topic, but as I’m clearing out some old drafts, I still find it an interesting one.
There’s been an ongoing debate in security circles concerning how security researchers should disclose vulnerabilities [...]

HOPE Speaker Steven Rombom (Rambam) Charged

It turns out yesterday one of the planned speakers at HOPE Number 6 was arrested on Saturday and is being charged by the FBI.
Security Fix obtained a copy of the complaint against “Steven Rambam” the private investigator arrested Saturday at the Hope Number Six hacker conference in New York City. The government document says Rambam [...]

IBM Accused of Hacking

This is actually a very important case depending on which way it goes.
It could become a landmark case in regards to liability for machines on your network, or actually any traffic originating from your IP range.

A boutique Washington, D.C.-based law firm is accusing IBM of hacking into its e-mail system and is seeking recourse.
The firm, [...]

Consultant Breached FBI’s Computers

Using standard script kiddy tools a consultant managed to compromise some of the FBI’s computers containing confidential information.
Quite a hack eh?
A government consultant, using computer programs easily found on the Internet, managed to crack the FBI’s classified computer system and gain the passwords of 38,000 employees, including that of FBI Director Robert S. Mueller III.
The [...]

UFO ‘Hacker’ Gary McKinnon Reveals What He Found

An interesting interview has been posted on Wired with Gary McKinnon about what he actually found whilst penetrating the US government networks.

After allegedly hacking into NASA websites — where he says he found images of what looked like extraterrestrial spaceships — the 40-year-old Briton faces extradition to the United States from his North London home. [...]

Money Lost Due to Cybercrime Down Again This Year!

It seems even though vendors are pushing their snakeoil harder than ever, the actual figures show that the money lost due to cybercrime has decreased every year for the last four years!

Perhaps people are finally getting more secure, it’s not surprising with the advent of cheaper and easier to use intrusion detection and intrusion prevention [...]

The MPAA TorrentSpy Hacker - $15,000!

Ah the big boys can’t get in legitimately, so they are starting to use underhand tactics eh?

A lawsuit filed Wednesday accuses the Motion Picture Association of America of hiring a hacker to steal information from a company that the MPAA has accused of helping copyright violators.
The lawsuit (click for PDF), filed in U.S. District Court [...]

Cambodia Bans 3G So The People Can’t Get Porn

It’s sad when a country has to resort to this to control its people, freedom to watch porn for Cambodians!

Heeding a request from his wife, Prime Minister Hun Sen on Friday banned the latest generation of mobile phone services in Cambodia to curb the dissemination of pornography.
Bun Rany, along with the wives of several other [...]

Amnesty International Irrepressible Internet Campaign

Irrepressible Adj. 1) Impossible to repress or control.
Chat rooms monitored. Blogs deleted. Websites blocked. Search engines restricted. People imprisoned for simply posting and sharing information.

The Internet is a new frontier in the struggle for human rights. Governments – with the help of some of the biggest IT companies in the world – are cracking down [...]

MySpace Hackers in Police Custody

MySpace owned again..let’s quote them for a penetration test or vulnerability assessment haha.

TWO New York teenagers are reportedly in police custody after allegedly threatening to give out the personal information of users of MySpace.com unless they are paid $US150,000 ($200,000). Associated Press reported Shaun Harrison, 18, and Saverio Mondelli, 19, of Suffolk County, face computer [...]

Security Researchers Afraid to Reveal Vulnerabilities

Well it happened a while back, remember? The French researcher Guillaume Tena who got in trouble for breaching French copyright laws by decompiling some software.

Now people are generally starting to worry about disclosing vulnerabilities through any channels, does there need to be some kind of anonymous PGP key based system for vulnerability disclosure? So people [...]

UK hackers condemn McKinnon trial

It is a little over the top, this guy used an over the counter kiddy tool and ‘hacked’ into systems because of blank passwords.
Not rocket science, and apparently the machines he had access to were air-gapped, or segregated from the networks containing sensitive information, so the charges are greatly trumped up and are NOT relative to [...]

Gary McKinnon Busted Because he Forgot the Time Difference

It turns out Gary McKinnon got sloppy, that’s why he got busted. He forgot the computers he was compromising were in a completely different time zone, and as he was using remote control software, the person in the office saw their mouse moving around. We have reported about this guy before, when he was fearing [...]

British Hacker Gary McKinnon Fears Guantanamo

I don’t know what he was thinking really, tampering with US military or governmental systems without some SERIOUS protection.
A British man accused of being behind the largest ever hack of US government computer networks could end up at Guantanamo Bay, his lawyer has claimed.
Gary McKinnon, from London, denies causing $700,000 (£400,000) damage to military and [...]

US Investigates Snort Sale as a Security Risk

Basically the Americans are saying a lot of their sensitive governmental organisations are using Snort and they don’t want the software to be controlled by an Israeli company, they see it as a threat.
The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software [...]

FrSIRT Starts Charging for OTHER People’s Work (Exploits)

Is it ethical or even legal to charge for other people’s work?
As far as I know France seems to have some pretty strong (and weird) copyright laws.

And yes, they are blaming French Laws prohibiting full disclosure.
In conformity with applicable French laws prohibiting Full-disclosure, the FrSIRT will no longer distribute exploits and PoCs on its public [...]

Donations Flood in for Guilty Security Researcher Guillaume Tena

This could be the end of reverse engineering in France sadly, I hope it doesn’t have repercussions in other parts of the world.
I think it’s the end of using reverse engineering tools to find flaws in France. Maybe the next step will be to forbid the possession of debuggers and disassemblers.

It’s a valid course of [...]