Tuesday, November 27, 2012

Dotcom: We've hit the jackpot--FBI misconduct

From Down Under, the latest on the Dotcom Megaupload case--

Dotcom: We've hit the jackpot - National - NZ Herald News: " . . .However, the application to seize the domain names, made on January 13, 2012, did not state the earlier search warrant was not issued against Megaupload. Instead, the Department of Homeland Security application sought the help of Megaupload to track down files of interest in its investigation of NinjaVideo. The warrant application was by Special Agent William Engel and stated that the data storage company Carpathia "will work with its customer Megaupload to access content to provide in response to the search warrant". The investigation was a success and saw its central figure Hana Amal "Queen Phara" Beshara sentenced to prison for 22 months and ordered to pay $256,000 of her illegally gained money to the Motion Picture Association of America - the same Hollywood lobby group blamed for pitting the FBI against Megaupload. The access was granted after a bid by the Electronic Frontier Foundation on behalf of a Megaupload customer whose business files were lost when the cloud storage site was shut down. Mr Dotcom's US-based lawyer Ira Rothken said he would ask the US court to return the Megaupload websites. He said the discovery of the FBI's evidence of wrongdoing was part of a "trail of misconduct" stretching from the US to New Zealand which would ultimately lead to asking for the FBI charges to be dismissed. "What we have uncovered, in our view, is misleading conduct. It looks like the Government wants the confidentiality because they would be concerned their conduct would be scrutinised. . . . "

Saturday, November 24, 2012

Some strange stuff on the internet

Sometimes you just come across some strange stuff on the internet--

The strange case of the inte1sat domain name - Security Labs: "Using the registration information, we found a paper authored by Command Five that indicates that the contact has been registering domains involved in APT and corporate cyber espionage attacks. The entire document is available here: http://www.commandfive.com/papers/C5_APT_SKHack.pdf  We cannot confirm that there is a problem in the Google OCR PDF caching mechanism that results in instances of "inte1sat.com" showing up in search results, particularly those of papers hosted by the FCC. We can conjecture that if there is a flaw, it is being exploited via a typo squatting technique to deliver an exploit. Continuing our search, we discovered additional strong evidence. Going back to the beginning of the analysis, it turns out that the IP address, where "inte1sat.com"  is hosted, also hosts many other domains. Four especially attracted our interest. Specifically: . . . "

Thursday, November 22, 2012

Cybersecurity and cybercrime 2012 review

A year in cybersecurity and cybercrime: 2012 review | ZDNet: "The Stop Online Piracy Act (otherwise known as "SOPA") would have been the most threatening act of legislation to the global Internet to date had it passed. Along with the PROTECT-IP ("PIPA") and OPEN acts, which ran through the Senate, these bills in singular and collectively would have threatened the very existence of the open Web as we know it. SOPA alone would have allowed Web sites to be shuttered, no matter where they are in the world, by blocking them at server level and starving them of oxygen. Any site even to have allegedly breached copyright could be effectively shut down by the U.S. government with little oversight or process of appeal. Google-owned YouTube, for instance, could have fallen foul of the law if someone uploaded a copyright infringing video, leading to a widespread site block. . . ."

Tuesday, November 20, 2012

Think about Security from the Inside Out

Thinking about Security from the Inside Out | Innovation Insights | Wired.com: "Historically, IT security has been all about defending against external threats. However, the recent cyber-attack against oil giant Saudi Aramco reinforces the need to give equal weight to internal threats as well. On August 15, 2012, an insider at Saudi Aramco used privileged access to the company’s network to release a computer virus called Shamoon. The virus infected roughly 75 percent of employee desktop computers, wiping them clean and replacing the files with a picture of a burning American flag. The company immediately took action once it knew what was going on. Saudi Aramco disabled its internal network to stop the virus from spreading, but it was too little, too late. The attack is regarded as one of the most destructive acts of computer sabotage to be inflicted upon a private company to date. Despite speculation that third-party perpetrators were involved due to similarities with various other incidents, the nature of the attack was such that the perpetrator had to be an insider. . . Intelligence officials insist that the Saudi Aramco hack should serve as a wake-up call to other organizations. No longer are we to protect our data solely from external threats. Networks must be protected from potential threats inside and out, and this will force a profound change in network management strategies. . . "

Thursday, November 15, 2012

Petraeus and Broadwell used common e-mail trick

Petraeus and Broadwell used common e-mail trick: " . . . Covering up your online tracks can be time-consuming — even for high-powered men who manage secret operations, said Janet Sternberg, a communication and media studies professor at Fordham University. "Being anonymous would take so much trouble, you wouldn't have time to do the behavior you were trying to hide," said Sternberg, who argues that almost all forms of electronic communication leave traces. "What's surprising is how much there is to discover. Look at his (Petraeus') cellphone and text messages. If he left this evidence around there is probably more evidence to discover." With cloud services, long e-mail chains, and more storage capabilities, e-mail inboxes and drop boxes can contain thousands of pages of e-mails that users may think are gone but may simply be stored out of sight but within reach of searching authorities, experts said. "Every circumstance is going to be a little different," Henry said. "It may have been relatively easy or difficult for FBI investigators. It depends on how hard someone tried to hide their transactions. And they can try really hard and then make a mistake." The FBI would deploy its resources to uncover the sender of an anonymous e-mail depending on the credibility of the suspicious e-mail, the severity of the threat and the target, said Henry, who worked at the FBI for 24 years and is now president of CrowdStrike Services, a cybersecurity firm. . . "

Monday, November 12, 2012

coming soon
