Wubi

Uitasem ca mai e si acolo.

Lasa bre mai bine pe Beta ca merge "What`s New?"

DarkyAngel, nu merge bre de acolo daca ai deja RST Beta.

Temele RST2/3 se vad relativ ok, exceptand ca nu se incarca ckeditor / activity stream. Pe RST Beta nu apar Enter-urile si nu poti schimba tema. Tema Tigra, apare ca venita de pe front. In schimb merge bine Mobile Style.

Nu am zis ca esti neaparat infectat, insa rata de a fi infectat e mult mai mare fata de a unui utilizator de servicii AV. Iar in Romania, mare parte, nu folosesc, nu au sistemele la zi, descarca cacaturi fara a verifica autorul inainte, s.a.m.d.

Iar tu esti pe RST pentru trolling si off-topic.

India Prepares Cyber Offensive After Chinese Hackers Breach Navy The computer systems housed in Visakhapatnam, the headquarters of India’s Eastern Naval Command, have been penetrated by hackers who have been traced back to China. According to Indian Express, a piece of malware planted in devices from Visakhapatnam collected sensitive information and sent it to an IP address located in China. An investigation is currently ongoing, but initial analysis has revealed that the virus might have spread from one machine to the other via USB sticks, similar to the infamous Stuxnet and Flame Trojans. In the meantime, the Indian government might change its cyber security policies to “active.” If until now the country has focused mostly on its defensive capabilities, after this incident, an offensive unit will be seriously taken into consideration, India Today reports. The facility where India’s first nuclear submarines are built hasn’t been affected by the cyberattack. On the other hand, the breach, identified 5 months ago, is believed to be a result of the negligence of officers who have failed to follow procedures. http://news.softpedia.com/news/India-Prepares-Cyber-Offensive-After-Chinese-Hackers-Breach-Navy-278718.shtml

Prostii si lipsa serioasa de ocupatie. Atunci cand au fost sparte computerele de la Indian Navy de hackeri chineji, parca nu au sarit asa repede sa`i aresteze.

Romania Ranks Third on List of Countries with Most Malware-Infected Computers A report based on the results provided by BitDefender’s free online scanning service QuickScan has revealed that Romania is on the third position in the top 10 countries most affected by cyber threats. India and Thailand occupy the first two spots, followed by Romania, where 13% of the online scans identified traces of malware. Experts believe that Romania ranks so high because of the large number of pirated software that’s currently utilized by internauts. Another cause might be the lack of advanced security solutions that are capable of working autonomously for longer periods. At the other end of the poll the study places Germany (4.7%) and the UK (6.5%). On a global scale, 11.5% of the scanned machines have been found to host viruses. The most common malicious elements detected during the scans were Sirefef, Kazi, Graftor, Ramnit, and the famous Sality. http://news.softpedia.com/news/Romania-Ranks-Third-on-List-of-Countries-with-Most-Malware-Infected-Computers-278931.shtml

US Authorities Spread Fake Secrets to Identify Leakers Ever since WikiLeaks obtained large amounts of secret documents belonging to the US government, the Pentagon has been working on a plan to expose those who leak classified information. The solution appears to lie in “Fog Computing.” DARPA researchers have revealed that they’ve come up with a “prototype for automatically generating and distributing believable misinformation.” Based on what information is leaked, they can find out who is responsible, Wired reports. The main problem is that the technique they rely on is similar to spamming and it could lead to trust issues among those responsible for keeping secrets. “If only researchers devoted as much ingenuity to combating spurious secrecy and needless classification. Shrinking the universe of secret information would be a better way to simplify the task of securing the remainder,” Steven Aftergood of the Federation of American Scientists said. In the meantime, DARPA seems determined to put an end to information leakage. At the end of last year, the organization gave $9 million (7 million EUR) to a consortium led by Georgia Tech for this purpose. http://news.softpedia.com/news/US-Authorities-Spread-Fake-Secrets-to-Identify-Leakers-279797.shtml

13-Year-Old Arrested by Japanese Police for Creating Virus A 13-year-old boy from Akiruno City, Tokyo, was taken into custody by authorities on suspicion of developing a computer virus that forcefully shut down computers. According to Yomiuri-Shimbun (translation provided via Slashdot), the eighth-grader is also accused of running a hacking forum. “I was interested in hacking and wanted to study hacking, and created the site in August last year,” the young hacker said. Since the creation or possession of computer viruses is illegal in Japan, the boy’s deeds have been catalogued as a “misconduct/misdemeanor.” Related to this incident, a 23-year-old construction worker was also arrested by the Kyoto Prefectural Police after he had posted tutorials on the discussion board operated by the 13-year-old. He is also suspected of storing a piece of malware that deletes files on his home computer. http://news.softpedia.com/news/13-Year-Old-Arrested-by-Japanese-Police-for-Creating-Virus-279632.shtml?utm_source=twitter&utm_medium=twitter&utm_campaign=twitter_web

Bulgarian Hackers Group arrested Bulgarian authorities say that after months of investigation they have busted the “most powerful hacker group” in the country, the Cyber Warrior Invasion. The operation was conducted by Bulgaria’s Sector for Computer Crimes, Intellectual Property and Gambling and the territorial units of the Chief Directorate for Fight with Organized Crime in the municipalities of Pleven, Shumen, Plovdiv, Burgas, Haskovo, Stara Zagora and Kyustendil. Using cyber “terrorist” methods, the group had attacked more than 500 websites worldwide, including those of financial institutions, web-based companies, and governmental and non-governmental organizations. On the confiscated computers, police discovered databases with large amounts of stolen emails, social network profiles and associated passwords, as well as stolen credit card data. The site www.cwi-group.org was used by the members of the group to coordinate their activities. Constantly changing its location and using a complex system of "zombie" proxy servers they disguised its true location, and that of the administrators. Despite the attempts to wipe out their tracks, hackers were detected.The investigation unveiled that hacker group members followed a strict hierarchical order, evidencing the high degree of organization and coordination between them. They were structured into different groups according to their access and power: "Administrators", "Moderator", "Scanning team," "Donors / Sponsors", "Sectional moderators", "Friends," "VIP Members" and group "members." Four laptops, five desktop computers, seven portable digital information devices, three hard discs and over 200 CDs were seized. http://thehackernews.com/2012/07/bulgarian-hackers-group-arrested.html

Microsoft to patch three critical vulnerabilities on Tuesday When Patch Tuesday rolls around next week, Three critical vulnerabilities , as well as six Important issues will be addressed by Microsoft. Only three of the nine security bulletins are ranked Critical, while the remaining six are rated as Important. Although all three of of the Critical vulnerabilities center on Windows, one of them also includes Internet Explorer 9. Interestingly, the flaw does not extend to previous versions of the browser, so it appears it's something new. The two other critical bulletins could allow malicious users to remotely execute code on Windows operating systems, including all supported server and client versions. "Many are expecting a patch for CVE-2012-1889: a vulnerability in Microsoft XML Core Services, which is currently being exploited in the wild," says Marcus Carey, a security researcher with Rapid7. Get the full details when the security bulletins are officially released next Tuesday. Happy patching next week! http://thehackernews.com/2012/07/microsoft-to-patch-three-critical.html

Posteaza totusi sursa, chiar daca tu ai tradus tutorialul. (SQL injection - Security101 - Blackhat Techniques - Hacking Tutorials - Vulnerability Research - Security Tools)

Last month, Microsoft released a fix tool in order to address a vulnerability in Microsoft XML Core Services. The said vulnerability, according to the Microsoft Security Advisory, could allow remote code execution if a user views a specifically crafted webpage using Internet Explorer. It has been given the identifier CVE-2012-1889. Since the vulnerability exists in Microsoft XML Core Services by way of IE, which is installed on most of PCs in the world, we assume that this attack code would give users the extremely big impact once it is exploited by malicious users. Another factor that would contribute to is impact is the fact that its attack code was made public. In line with this, we’d like to share the results of our analysis of a malware which exploits CVE-2012-1889. Trend Micro products detect this particular malware as HTML_EXPLOYT.AE. HTML_EXPLOYT.AE Overview HTML_EXPLOYT.AE may arrive in a system through a variety of means, such as email or a malicious website. It attempts to exploit CVE-2012-1889 via Internet Explorer. It should be noted that this specific exploit does not have a function to bypass DEP (Data Execution Prevention). If HTML_EXPLOYT.AE runs on an Internet Explorer with DEP enabled, it causes IE to crash. However, considering that the attack code for this exploit has been released in the wild, it is possible that we will see a sample that can bypass DEP and ASLR. HTML_EXPLOYT.AE has three main features, which we will discuss in a 3-part blog series. For part 1, we will discuss the usage of Microsoft XML Core Services. HTML_EXPLOYT.AE Feature 1: Usage of Microsoft XML Core Services HTML_EXPLOYT.AE uses object element by using Classid to exploit Microsoft XML Core Services. Specifically, HTML_EXPLOYT.AE exploits CVE-2012-1889 by referring to uninitialized object. In order to confirm the root cause of CVE-2012-1889 vulnerability, it is better to check how this code has been used in normally. So here we have the code to exploit CVE-2012-1889, with the heap spray codes deleted: Now let’s check the vulnerable code above when executed normally: The upper [eax] points to an object by a virtual function of “msxml3!Document::`vftable”” and[ ecx+18h] point to the “msxml3!Document::weakRelease” function. Its vftable is the following: From this we can see that the exploit HTML_EXPLOYT.AE takes advantage of the Microsoft XML Core Service (mxml3.dll) vulnerability. Internet Explorer Microsoft XML Core Service (mxml3.dll) uses this module in order to process HTML/XML codes making this program and other applications that uses this module, vulnerable to this attack. Based on this, we can conclude that it is possible for attackers to use other vectors in order to exploit the Microsoft XML Core Service vulnerability. Trend Micro protects users from this threat via Smart Protection Network™, which detects and deletes HTML_EXPLOYT.AE. Furthermore, Deep Security prevents attacks exploiting CVE-201-1889 via IDF rule 1005061- Microsoft XML Core Services Remote Code Execution Vulnerability (CVE-2012-1889). In the second installation of our 3-part series about this exploit, we will share our findings regarding the second feature of HTML_EXPLOYT.AE: Heap Spray. Sursa: http://blog.trendmicro.com/technical-analysis-of-cve-2012-1889-exploit-html_exployt-ae-part-1/

The myth of malicious adolescents out to wreak havoc on our technology spurs Internet regulations that are far more stringent than is reasonable. The hackers who dominate news coverage and popular culture -- malicious, adolescent techno-wizards, willing and able to do great harm to innocent civilians and society at large -- don't exist The perceived threat landscape is a warped one, which directs attention and resources to battling phantoms, rather than toward preventing much more common data-security problems. According to the Privacy Rights Clearinghouse, the loss or improper disposal of paper records, portable devices like laptops or memory sticks, and desktop computers have accounted for more than 1,400 data-breach incidents since 2005 -- almost half of all the incidents reported. More than 180,000,000 individual records were compromised in these breaches, which included individuals' names, Social Security numbers, addresses, credit-card information and more. This is compared to the 631 incidents from the same period that the Clearinghouse assigns generically to "hacking or malware." Your private data is more likely to be put at risk by a factotum leaving a laptop on a train than by a wired teen with too much time on his hands. Insider threats, otherwise known as frustrated grown-ups with real jobs, also constitute a significant challenge for information security. The Wall Street Journal recently reported on a survey which showed that 71 percent of IT managers and executives believe insider threats present the greatest risk to their companies. And the recent high-profile security breach at LinkedIn shows that one of the greatest risks to our personal security is ourselves: more than two-thirds of the leaked LinkedIn passwords were eight characters or fewer in length, and only one percent used the mix of upper- and lower-case characters, numbers, and symbols that makes passwords difficult to crack. But these more serious threats don't seem to loom as large as hackers in the minds of those who make the laws and regulations that shape the Internet. It is the hacker -- a sort of modern folk devil who personifies our anxieties about technology -- who gets all the attention. The result is a set of increasingly paranoid and restrictive laws and regulations affecting our abilities to communicate freely and privately online, to use and control our own technology, and which puts users at risk for overzealous prosecutions and invasive electronic search and seizure practices. The Computer Fraud and Abuse Act, the cornerstone of domestic computer-crime legislation, is overly broad and poorly defined. Since its passage in 1986, it has created a pile of confused caselaw and overzealous prosecutions. The Departments of Defense and Homeland Security manipulate fears of techno-disasters to garner funding and support for laws and initiatives, such as the recently proposed Cyber Intelligence Sharing and Protection Act, that could have horrific implications for user rights. In order to protect our rights to free speech and privacy on the internet, we need to seriously reconsider those laws and the shadowy figure used to rationalize them. * * * The hacker character in mainstream culture has evolved as our relationship with the technology has changed. When Matthew Broderick starred in War Games in 1983, the hacker character was childish, driven by curiosity and benign self-interest, and sowed his mayhem largely by accident. Subsequent incarnations, like those in Hackers, Sneakers, GoldenEye, and Live Free or Die Hard became more dangerous and more intentional in their actions, gleefully breaking into protected networks and machines and causing casual destruction incomprehensible to techno have-nots. The hacker in American film, almost always white, middle class, and male, is immature, socially alienated, vindictive, and motivated by selfish goals or personality problems. The plots of such films are built on apocalyptic techno-paranoia, reflecting a belief that hackers have supreme control over the technologies that make the world run. News coverage parallels the pop culture frame. Basement-dwelling hackers remain a primary villain on the evening news and the front page, even at the cost of an accurate and rational portrayal of current events. "Hacking" is used as a catch-all term to describe almost any computer-related crime or "bad" action, no matter the skills or techniques involved. Coverage often confuses what could happen with what is actually happening, reporting on theoretical exploits of the type often presented at security conferences as if they were a clear and present danger. Recent media and government fixation on the prankster-protesters of Anonymous has stoked the fires of techno-paranoia and, as Yochai Benkler pointed out in a recent article in Foreign Affairs, has conflated modes of electronic civil disobedience with outright cybercriminality in ways that damage the cause of political speech online. The hacker lurks in the network, a decentralized threat, able to cause harm far from his actual location. His relationship with technology is pathological, he is compulsive in his hacking activities, and therefore cannot be reformed. Because he is socially alienated, he lacks the normal social checks on his behavior, and is instead stuck in a feedback loop with other hackers, each trying to outdo the other in juvenile mayhem on the public internet. Add to all this the hacker's superhuman ability to manipulate anything running code, and you have a terrifying modern boogeyman that society must be protected from at all costs. * * * In the effort to protect society and the state from the ravages of this imagined hacker, the US government has adopted overbroad, vaguely worded laws and regulations which severely undermine internet freedom and threaten the Internet's role as a place of political and creative expression. In an effort to stay ahead of the wily hacker, laws like the Computer Fraud and Abuse Act (CFAA) focus on electronic conduct or actions, rather than the intent of or actual harm caused by those actions. This leads to a wide range of seemingly innocuous digital activities potentially being treated as criminal acts. Distrust for the hacker politics of Internet freedom, privacy, and access abets the development of ever-stricter copyright regimes, or laws like the proposed Cyber Intelligence Sharing and Protection Act, which if passed would have disastrous implications for personal privacy online. The hacker folk devil as depicted in popular culture and news coverage is the target of and the justification for these laws and regulations. But rather than catching that phantom, these laws invite guilt by association, confusing skill with computers with intent to harm. They snag individuals involved with non-criminal activities online, as happened in the case of Bret McDanel, who served 16 months in prison for sending a few emails, and leave the rest of us with legally crippled technology and a confused picture of our rights online. Crafting governmental and corporate policy in reaction to a stereotyped social ghoul lurking in the tubes is ineffective at best, and actively malignant at worst. There are real threats in the online space, from the banal reality of leaving a laptop on the bus and sloppy personal security habits to the growing reality of inter-state cyberwar. However, focusing on the boys-in-the-basement hacker threat model drains attention and resources from discovering what and where the actual threats are. Taking down file lockers, criminalizing jail breaking, modding, and terms-of-service violations, and casting legal aspersions on anonymous and pseudonymous speech online is distracting fear mongering and wastes governmental and corporate resources. Recent court decisions, like the opinion handed down by the Ninth Circuit in US v. Nosal, work to narrow the scope of the CFAA, which gives hope to the idea that it is possible to regulate the Internet in a more reality-driven way. In order to achieve that regulation, though, we must discard the hacker stereotype as a central social villain and legal driver. The past few years have seen the internet emerge as a central haven for political speech, domestically and internationally. The internet has been used to exchange ideas, organize protests, and overthrow dictators. We hold the right to free political speech dearly in this country, and, for better or for worse, the laws we pass regarding the regulation of the internet have a disproportionally large impact on the way this international resource operates. The question that we must ask ourselves is, do we want the next Arab Spring regulated out of existence by our fear of hackers who don't even exist? Sursa: http://www.theatlantic.com/technology/archive/2012/07/if-hackers-didnt-exist-governments-would-have-to-invent-them/259463/

By SARAH E. NEEDLEMAN Despite the many products and services on the market designed to protect computers from getting hacked, many businesses—small firms in particular—are still suffering at the hands of cyberthieves. Just ask Lloyd Keilson, the co-founder of Lifestyle Forms & Displays Inc., a mannequin maker and importer that had $1.2 million wiped out of its bank account in just hours through online transactions in May. His story was described in a Wall Street Journal article Thursday. So how did the company get hacked? Mr. Keilson isn't entirely sure, though experts in Web security say that cyberthieves likely covertly installed a virus on one of its computers. His company's computers run on the Windows 7 operating system and the company uses an internal firewall to connect to the Internet, he says. The company's computers are Dell Inc. machines that his staff installed with antivirus software called Neatsuite purchased from Trend Micro Inc., a Japan-based security company, he adds. Michael Sweeny, a spokesman for Trend Micro, says Neatsuite is an older product. Experts say that it's possible that after one of Mr. Keilson's staffers tried to log onto the website for the company's bank, a virus may have redirected him or her to a fake page that looked identical to the bank's site. If the employee typed in a username and temporary password provided by a secure-ID token, the virus might have sent that information to a thief who could have quickly logged into the bank's real website to make money transfers before the temporary password changed. Passwords created by tokens tend to be valid for about two minutes, say Web security experts. It's important to note that Mr. Keilson isn't able to confirm that this is what happened. Why did the company's bank allow money to be transferred out of its account? In this kind of scenario, banks commonly aren't aware anything is wrong because they're seeing someone log onto their websites with the correct information. Cyberthieves often transfer stolen funds to account created with stolen identification to avoid detection. How do viruses get onto computers that have anti-virus software? Computer users often download viruses onto the machines inadvertently by clicking on a website, advertisement or email attachment embedded with malicious content. Mr. Keilson says he isn't aware that any of his employees did this. Though anti-virus software is designed to recognize such material, it doesn't always work because hackers are regularly refining their tricks. "You have to continually evolve your technology approach to security to stay up with the latest threats," says Lawrence Pingree, an analyst at technology research firm Gartner Inc. "What worked yesterday might not work today." Does it matter what Web browser or operating system you use? Some Web browsers and operating systems have a reputation for doing a better job of preventing viruses from infecting computers than others. "We see far more infections on Windows than we do Macs, Unix and Linux," says Wade Baker, author of the Verizon 2012 Data Breach Investigations Report, a study based on cybercrime investigations conducted by Verizon's team, which is comprised of data-breach reports from Verizon and various law-enforcement groups around the globe, including the U.S. Secret Service and the Australian Federal Police. Mr. Baker says there's long been a debate over which Web browsers are the safest but that all browsers – including popular ones like Safari and Firefox -- are susceptible to viruses when users recklessly click on Web ads, email attachments and other online content. So what can I do to keep hackers at bay? Be cautious when downloading any material from the Web and opening email attachments. If you don't trust the source, don't open it. Also, contact your bank and find out what Web-related protections it offers businesses and what it's liable for in the event of a cyberattack on your firm's account. Set up limits on how much money can be transferred from your account in a day and require verbal authorization from an approved employee to make transactions above a certain amount. For more tips, see Protecting Yourself at the end of the article, "Cybercriminals Sniff Out Vulnerable Firms." Write to Sarah E. Needleman at sarah.needleman@wsj.com

Off: El o sa creada (despre sine insusi) ca este gay? On: Da`l in ziare la decedati. Dupa ii trimiti la usa o coroana cu ":*uie tie si ma-tii."

Pe site-ul HTCSense.com era functia Phone Finder in cazul in care il pierdeai, dar vad ca e in "renovari" iar optiunile nu vor mai fi disponibile. Poate ai noroc cu ceva aplicatie din Google Play pentru a gasi telefonul. Cu politia cel mai probabil n`o sa ai mare noroc. Rar solutioneaza un caz de genul, fie pentru ca nu au aparatura necesara, fie chef.

Cel mai probabil urmatoarele IP-uri vor avea de suferit in urma acelui Malware: 85.255.112.0 through 85.255.127.255 67.210.0.0 through 67.210.15.255 93.188.160.0 through 93.188.167.255 77.67.83.0 through 77.67.83.255 213.109.64.0 through 213.109.79.255 64.28.176.0 through 64.28.191.255

DNSChanger Malware : Thousands May Lose Net Access On July 9th Thousands May Lose Net Access On July 9th July he warnings about the Internet problem have been splashed across Facebook and Google. Internet service providers have sent notices, and the FBI set up a special website. Thousands of Canadians could be among the hundreds of thousands of people around the world who might lose Internet access on July 9.That's the day the FBI will shut down all the "clean servers" it set up to combat a massive hacking operation. Last November the FBI arrested and charged six Estonian men behind the malware as part of Operation Ghost Click. These hackers were able to make a fortune off their project, raking in millions for ads placed on their fraudulent websites.On the eve of the arrests, the FBI hired Paul Vixie, chairman of the Internet Systems Consortium (ISC) to install two temporary Internet servers that would prevent infected users from losing access to the Internet once the DNSChanger botnet was shut down. DNS (Domain Name System) is a core Internet technology used to convert human readable domain names suchasfacebook.com into an IP address such as 10.181.211.1, which a computer understands. It's estimated that there is still around 277,00 infections worldwide, despite a massive clean up operation. If you're concerned about your own PC, or family members, then there's a DNS checker website or more information over at the DNS Changer Working Group. Running the temporary servers for eight months has cost the FBI $87,000. Both Facebook and Google created their own warning messages that showed up if someone using either site appeared to have an infected computer. Facebook users would get a message that says, "Your computer or network might be infected," along with a link that users can click for more information.Google users got a similar message, displayed at the top of a Google search results page. It also provides information on correcting the problem. Ensure that the DNS Servers are not within the following range of Internet Protocols (IPs): 85.255.112.0 through 85.255.127.255 67.210.0.0 through 67.210.15.255 93.188.160.0 through 93.188.167.255 77.67.83.0 through 77.67.83.255 213.109.64.0 through 213.109.79.255 64.28.176.0 through 64.28.191.255 If DNSChanger is detected, users may use software from McAfee, Kaspersky Labs, Microsoft, Norton, or Trend Micro to clean the infection. Sursa: http://thehackernews.com/2012/07/dnschanger-malware-thousands-may-lose.html

Traffic Interception Vulnerability found in Cyberoam The TOR team have discovered a fake certificate in the wild. The certificate, issued by a US company called Cyberoam, was used in an attempt to trick a user in Jordan into believing that her/his connection to the TOR website, was private and secure, though in fact it was being spied upon by a Cyberoam device. This issue was discovered and analysed by Runa A. Sandvik of the TorProject and Ben Laurie. A certificate handling flaw in Cyberoam’s deep packet inspection (DPI) devices allow traffic from a single ‘victim’ to be intercepted by any DPI device from the vendor, according to the Tor Project. Cyberoam make a range of DPI devices which are capable of intercepting SSL connections. “While investigating this further, Ben Laurie and I found a security vulnerability affecting all Cyberoam DPI devices. Examination of a certificate chain generated by a Cyberoam DPI device shows that all such devices share the same CA certificate and hence the same private key,” Runa A. Sandvik, security researcher at Tor Project, explained. Because the devices all use the same CA certificate, anyone in the possession of one of these devices can intercept traffic from any user accessing the network through a different Cyberoam device. Since all of the devices also include the same private key, this key can be extracted and imported into other DPI systems as well, enabling that same traffic to be intercepted. Tor Browser Bundle are not impacted, but other users should check to ensure that the certificate in question is not installed in their web browser. Victims should uninstall the Cyberoam CA certificate from theirbrowsers and decline to complete any connection which gives acertificate warning. Sursa: http://thehackernews.com/2012/07/cve-2012-3372-traffic-interception.html

Indian Navy Computers hacked by Chinese Hackers Chinese hackers allegedly plant bug via flash drives on India navy's computers, which relayed sensitive data to China IP addresses. The sniffing tool was found in the naval computers exactly as INS Arihant, India’s first nuclear missile submarine, was in trials at the targeted facility in Visakhaptnam. he virus had reportedly created a hidden folder, collected specific files and documents based on certain "key words" it had been programmed to identify. It remained hidden on the pen drives until they were put in computers connected to the internet, after which the bug quietly sent files to the specific IP addresses. Officials of the Indian Navy stated for The Indian Express that “an inquiry has been convened and findings of the report are awaited. It needs to be mentioned that there is a constant threat in the cyber domain from inimical hackers worldwide.” So far, India has arrested six officers for procedural lapses which led to the breach. It is not clear if any of them will later face spying charges. The Naval headquarters in New Delhi is looking into the case closely, since several other sensitive projects are also being undertaken at the Eastern Naval Command situated at Visakhapatnam besides the Arihant trial. The extent of loss however, is still undergoing investigations, and it was premature at this stage to comment on the sensitivity of the compromised data, officials noted.These kind of incidence gives a clear shot of self hyped cyber security strategies implemented by government. Such confidential headquarters have physical security layers as well, like no or disabled USB ports. It seems proper measures were not taken here by the authorities. Sursa: http://thehackernews.com/2012/07/indian-navy-computers-hacked-by-chinese.html

One Man Fights for 7 Billion People, One Mother Battles to Wake Them Up The Truth About Julian Assange And Wikileaks By: Ann Smith, Executive Editor The Hacker News Last night I had the privilege of speaking to Christine Assange, the mother of Julian Assange who has been a reluctant hostage of a global political war among the United States, the UK, and Sweden and of all places Ecuador. Christine was very informative and thorough in explaining the history and current events regarding the heinous manner in which her son has been treated for supporting one of the most sacred rights of man this being right to have and freely provide access to truthful information. Still, facts and information do not cover the love and concern a mother feels for her child. As a mother myself, I felt Christine's immense and intense worry for her son's safety and his life. As a citizen of the world who carries many of the same concerns we all do of political strife, injustice, world war, poverty, and economic failure, she is above all a mother. I respect Christine Assange for her courage and her unfailing efforts to get the truth out regarding her son and I admire her for reaching out to every single means of possible help. Mostly, I empathize with her as a mother and understand how as a parent we share on a very deep level our children's joys, their successes, the disappointment of their failures and the hurt of their pain. I want to share and summarize what I learned from Christine. So, today I am speaking to you, the great warriors of internet justice, princes and princess for global peace, fighters of the environmental strife afflicting the world, and spiritual leaders praying for a more just world. The one million plus subscribers of The Hacker News and anyone else lucky enough to know that it is an inherent right of every human being to know the facts and the truth of their world. I am asking you to take a few moments and read this article, not only to understand and then communicate the truth around the issue of Wikileaks and Julian Assange, but to share in the experience I had with Christine Assange when she brought me to understanding that the issue of her son is not about politics or process but of the one thing that binds all of us together and without it, all of our causes fail this being the right of the people to know the truth. As she spoke of Wikileaks and information being available to the public, it became clear to me that everything we do in life, everything that we aspire towards and everything that we fight for, be it the environment, the issue of war, corruption in government, world hunger, spiritual awakening, economic balance, all tie to one word. Truth. Without the truth about the misuse of our environment, without the truth about corruption and greed, without the truth about why people suffer from hunger, without the truth about what to pray for, we are doomed. This made me think about how truth drives us. The knowledge of the real facts around our causes is what motivates us to take action and not be complicit with wrongdoers in our everyday living. Truth forms the web of living and without it we will continue to spiral towards global destruction and oppression. Christine talked about how very important it is to fully understand what this is all about. She is very clear that people must first educate themselves on what the facts are surrounding the persecution of Julian Assange, why this has happened, and who is behind it. To best convey the facts surrounding the sexual allegations from Sweden and our discussion I am providing here the content of Christine’s open letter to the Australian people on this issue. “After the Afghan War Diary release 25/7/10 Julian visited Sweden to obtain residency and base WikiLeaks there because of the good whistle-blowing laws. The US was aware of more WikiLeaks releases to come and wrote threatening letters. Julian was warned of entrapment plans. Woman A.A. invited Julian to speak in Sweden at a seminar about Afghanistan in mid-August 2010. Woman S.W. stated she went to the seminar to meet Julian. Both women have stated to the police and media that sex was consensual and non-violent. Exculpatory evidence (texts to friends) show women had no complaints regarding sex until finding out about each other and 100+ texts between A.A. and S.W. speak of revenge, making money and ruining Julian's reputation by going to the press. Woman S.W. was so upset police were going to allege rape she does not finish her interview or sign her witness statement, which was then altered again without her consent. She stated she felt railroaded into making a complaint. In Sweden, consensual non-violent sex can be legally defined as rape. Contrary to Swedish police procedure the women's interviews were not video or audio taped and the first prosecutor, Maria Häljebo-Kjellstrand, unlawfully told the press Julian was wanted for rape. Julian was not interviewed or informed - he found out in the tabloid newspaper Expressen that he was "being hunted down for double rape". Within hours, there were millions of website hits for Assange plus rape, causing irreparable harm to Julian's reputation. The next day after reviewing the file, Stockholm's chief prosecutor Eva Finné threw out the rape allegation. "I consider there are no grounds for suspecting he has committed rape," she said. For the last three years, the political advisor to the Swedish Prime Minister has been Karl Rove, a notorious, disgraced former Bush administration advisor who orchestrated vicious smear campaigns against political opponents. Karl Rove is a personal friend of the Swedish Prime Minister Fredrick Reinfeldt and of the Swedish foreign minister Carl Bildt. Sweden has close ties to the US and was the major arms supplier to the US-Iraq War. Around a week after the dropping of the rape allegation by the chief prosecutor, a politician/lawyer named Claes Borgström appealed the decision. Claes Borgström and his business partner Thomas Bodström run a thriving legal practice based on representing claimants in sex cases. Woman A.A., Irmeli Krans (interrogating police officer of woman SW) and both Borgström and Bodström are members of the Swedish Social Democrat Party. They all stood together for elections at the same time, one month after the sex allegations were made against Julian, with one of the platforms being widening the definition of rape within consensual sex. Woman A.A. produced new evidence for the appeal. She submitted a condom which she states Julian tore deliberately. Forensic tests showed there was no DNA evidence in the condom from either Julian or herself. Julian was not informed of the appeal and had no chance to make a submission. The appeal was successful. Julian Did Not Flee Sweden He remained in Sweden for five weeks seeking an interview with the new prosecutor Marianne Ny. She made excuses not to interview him and gave him permission to leave Sweden for business on September 15th (meeting with Cablegate media partners). He offered to fly back into Sweden for interview on October 9 or 10. Ny refused because it was a weekend. He offered to fly back on October 11th. Ny refused because it was too far away. During October and November Julian stayed at the journalist's club in the UK preparing for the release of the US diplomatic cables (Cablegate). During this period, he offered to be interviewed by Marianne Ny via the normal protocol for this situation called Mutual Legal Assistance (MLA) (via Skype, phone or videolink). Marianne Ny refused all offers. Around the time of the release of Cablegate in late November, Marianne Ny issued a European Arrest Warrant (EAW) for questioning, stating that Julian had fled the country, and a public Interpol Red Notice for his arrest. For the entire 16 months that Julian has been under house arrest in the UK, Marianne Ny has refused all his offers to be interviewed at the Swedish Embassy or in Scotland Yard. Marianne Ny has misled the Swedish and UK public by stating that she was legally not allowed to interview Julian by mutual legal assistance or in the UK. Sweden is a signatory to MLA. Many legal people investigating the case are of the opinion that the Swedish extradition case is not bona fide but merely a holding case awaiting a US extradition.” You may be feeling the same concern and fear I have and it is important to note what will happen if Julian goes to Sweden. As Christine states, “There is no bail in Sweden for foreigners and he will be held in indefinite detention in a Swedish remand prison incommunicado except to Swedish lawyers and in solitary confinement. If and when the case proceeds to trial he will be tried in secret (no media or observers) by four judges. Three of the four judges will be "lay" judges, that is, they have no legal training and are appointed by political parties. The other alternative is that the US will immediately unseal its Grand Jury indictment against Julian and from any point that he arrives in Sweden he could be extradited to the US. Many people falsely believe that the UK would have to sign off on an onward extradition to the US. This is true, if it is by way of a normal European extradition. However, under a separate US/Swedish Bilateral Treaty, Julian can be legally rendered to the US via a component of that treaty called the Temporary Surrender Regime. This is a secret, fast-track, no-test rendition.” After listening and comprehending what Mrs. Assange was saying, I want you to pull your chairs close and listen carefully to what I am about to say. Read the attached documents of the facts on this matter but know this: you are being duped and lied to for one reason to keep you from the truth. The United States and other countries do not want you to know their roles in driving issues of war, famine, economic collapse, environmental deterioration and other facts affecting your health and your welfare. It is as simple as that. A government wrought with corruption and no moral compass will do anything to shoot the messenger of news that will expose their fraud and deception. For all of Julian Assange’s efforts to bring truth and information to the world he now sits alone in the Ecuadorian Embassy in the UK after requesting asylum based on the well-founded fear of persecution, torture or death in the United States in connection with the publication of truthful information of matters of interest to the public. Although I will give you a plethora of ways you can help, I believe that the single most important step you can take now is to submit to the President of Ecuador, Rafael Correa, an email or letter stating that he must become the hero to all the people of the world by showing governments and corporations that telling the truth by releasing factual information on issues affecting all of us is the single most important act of his career. He has an opportunity to show the world that truth and justice can prevail in a fragile and tempestuous world. Julian Assange is a lone voice against ominous and uber-powerful forces speaking for YOU! He cannot do it alone. Let's help: Go to Justice for Assange and educate yourself on the facts and the chronological history of abuse Julian Assange has suffered in the name of freedom of information. Go to WL Central | The #1 unofficial WikiLeaks resource and read Christine Assange's open letter to the Australian people Email the President of Ecuador, Rafael Correa, you can contact him here. Message President of the Republic of Ecuador on Facebook: Rafael Correa | Facebook SPREAD THE WORD text, talk, fax, email, phone, Facebook, etc. and ask others to help. Join Wikileaks Forum: The Official WikiLeaks Forum - Index Write letters/email to your government representatives asking for support of Julian Assange and the cause of freedom of information. Since President Correa is looking to other countries for support and advice, contact your own government and get other countries on board supporting Ecuador allowing Julian asylum. Inform your friends, family and neighbors by having a Freedom of Information meeting or party! Ask for space to speak at local schools and Universities. Rally at the US embassy in your area. Financially support Wikileaks. It will be money well spent. Sursa: http://thehackernews.com/2012/07/one-man-fights-for-7-billion-people-one.html

Hacker made calls worth £10,000 from public phone Computer expert Dariusz Ganski, of Sunny Bank, Kingswood, used a router to tap into BT phone boxes and made hours of calls to expensive numbers. He make calls worth £10,000 of premium-line bills and he has been jailed for 18 months. Prosecutor David Maunder commented: "Police located the vehicle and they found Mr Ganski with two laptop computers and numerous mobile telephones." Bristol Crown Court heard that the 27-year-old committed his crimes to get electronic credits for music and on-line games, while still on licence from prison for almost identical offences. Ganski made 648 calls, totalling nearly 43 hours, from a phone box in Kelston, North East Somerset. BT was alerted to unpaid calls costing them about £7,700 on that box. He said: "Your counsel says you’re intelligent. What a waste that what you really do is go round defrauding companies in this way." Sursa: http://thehackernews.com/2012/06/hacker-made-calls-worth-10000-from.html