Wednesday, July 13, 2011

Somehow I knew this was the case...

http://news.cnet.com/8301-27080_3-20078948-245/reports-u.k-paper-paid-police-to-ping-phones/

Reports: U.K. paper paid police to 'ping' phones

The scandal surrounding Rupert Murdoch's News of the World is growing, with new allegations that his papers bribed police to use cell phone-tracking technology to find the exact whereabouts of news subjects, as well as to obtain information about the royal family, and also targeted former Prime Minister Gordon Brown, according to reports.

Two former News of the World journalists said the practice of using the illicit cell phone tracking was known as "pinging" in the newsroom, according to The New York Times. The technology, for which one reporter said the News of the World paid nearly $500 each time it was used, is supposed to be restricted to law enforcement and security officials, a former senior Scotland Yard official said. A former News of the World editor told The New York Times that the Murdoch paper also tracked people by hacking into their credit card details to see where the latest charge was made.



If real, why plaintext passwords (or were they decrypted?)

http://www.databreaches.net/?p=19582

Toshiba Hacked?

July 12, 2011 by admin

The message on the first Pastebin post said:

Toshiba HACKED BY V0iD

DATABASE LEAK: 16%
More To Come….

What followed was a list of 11 admins’ email addresses from the TACP database with associated plaintext passwords and ID number. The admin with superuser status was noted.

There were also 333 users’ email addresses and plaintext passwords.

The message on the second Pastebin post said:

Toshiba HACKED BY V0iD

DATABASE LEAK: 49%
More To Come….

Some Info:
>_ There is total 14 “user”-lists. Who the fuck knows where they go?
That’s not the purpose; try with facebook, email, paypal and other
crap. Have Fun? In Part 2:
>_ Service Places. These are a small list of Toshiba resellers. They all
Have passwords.
More E-mails+Passwords from tabel “Public_Users”

There were 451 email addresses and plaintext passwords posted from the users’ table.

If there’s a part 3, it hasn’t been posted yet.

No statement appears on Toshiba’s site at this time about the breach claimed by VOiD.



Everyone should secure their wifi like they taught an Ethical Hacking class...

http://www.wired.com/threatlevel/2011/07/hacking-neighbor-from-hell/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

Wi-Fi–Hacking Neighbor From Hell Sentenced to 18 Years

A Minnesota hacker prosecutors described as a “depraved criminal” was handed an 18-year prison term Tuesday for unleashing a vendetta of cyberterror that turned his neighbors’ lives into a living nightmare.

Barry Ardolf, 46, repeatedly hacked into his next-door neighbors’ Wi-Fi network in 2009, and used it to try and frame them for child pornography, sexual harassment, various kinds of professional misconduct and to send threatening e-mail to politicians, including Vice President Joe Biden.

His motive was to get back at his new neighbors after they told the police he’d kissed their 4-year-old son on the lips.

… Ardolf’s attorney, Kevin O’Brien, said in a telephone interview that “it was a lengthy sentence for a first time offender.” The defendant also forfeited his house and computer gear.

Ardolf had no criminal record, but an investigation revealed that he’d also hijacked the Wi-Fi of other neighbors, and terrorized them as well.

A father of two, Ardolf had turned down a 2-year plea agreement last year to charges related to the Biden e-mail. After that, the authorities piled on more charges, including identity theft and two kiddie-porn accusations carrying lifetime sex-offender registration requirements. He pleaded guilty to them all last year.



Local definitely worth following!

http://news.cnet.com/8301-31921_3-20078993-281/encryption-defense-attorney-fights-doj-demands-q-a/

Encryption defense attorney fights DOJ demands (Q&A)

The U.S. Department of Justice is determined to make sure that a case in Colorado will set a legal precedent allowing it to force Americans accused of crimes to decrypt their computers' hard drives.

Phil Dubois is equally determined not to let that happen. The Colorado Springs-based attorney is representing Ramona Fricosu, accused of a mortgage scam, who is refusing to divulge the passphrase to an encrypted laptop found in her bedroom.

Dubois, who specializes in criminal defense and Internet law, says requiring Fricosu to decrypt the hard drive would be a clear violation of his client's Fifth Amendment right to remain silent. The case is currently before U.S. District Judge Robert Blackburn, and Dubois says if he loses, he'll appeal.

It's not Dubois' first encounter with encryption and threats of criminal prosecution. In the 1990s, he represented PGP creator Phil Zimmermann when the programmer was being investigated for allegedly exporting the encryption utility by posting it publicly online. The charges were dropped in 1996.



The US polices the world! And don't you forget it...

http://www.wired.com/threatlevel/2011/07/domain-seizures-defended/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

Feds Defend Internet Domain Seizure in Piracy Crackdown

Federal prosecutors are asking a judge not to return the domain names of one of Spain’s most popular websites, seized as part of a major U.S. crackdown on internet piracy.

The legal filing over Rojadirecta.com represents the government’s first legal response to a lawsuit challenging “Operation in Our Sites.”

Commenced last year, U.S. Immigration and Customs Enforcement has seized as many as 208 domains the authorities claim are linked to intellectual-property fraud. The court-ordered seizures are aimed at web sites that sell counterfeited goods, as well as sites that facilitate illegal music, film and broadcast piracy.

The Rojadirecta .com and .org domains were seized in January along with eight others connected to broadcasting pirated streams of professional sports.



Every port is a potential avenue for hackers...

Patched MS Bluetooth Flaw Exposes Even Disconnected PCs

"Among the 22 security holes Microsoft issued updates to fix yesterday is a critical kernel-level Bluetooth flaw that could let nearby attackers break into vulnerable systems even when the targeted computer is not connected to a network. An attacker could use the bug to gain access to any unpatched, Bluetooth-enabled Windows Vista or Win7 computer within 100 meters (or much further with specialized tools), all before the target system even gets an alert that another computer is requesting a Bluetooth connection."



Encryption is easy.

http://www.makeuseof.com/tag/download-lockdown-secure-files-truecrypt/

DOWNLOAD Lockdown: Secure Your Files With TrueCrypt

To really keep your data safe, you need to encrypt it. Not sure how to start? You need to read “Lockdown: Secure your Files With TrueCrypt”, by author Lachlan Roy.

DOWNLOAD Lockdown: Secure Your Files with TrueCrypt or Read now on Scribd


No comments: