Saturday, 11 May 2013

Lookout to blacklist data-snooping Android ad networks and apps

Harmful ad networks collecting more information on their users than required have been given 45 days to fix their services, or they will be blacklisted as adware by mobile security firm Lookout.
Lookout security expert Jeremy Linden said the blockade is essential to combat the growing number of – officially legitimate – mobile advertising networks running on mobile marketplaces and apps that are collecting information without good reason.
"Over the past year we've seen a marked increase in ‘adware', software that contains ad networks that compromise a user's privacy or interfere with his experience. While the majority of mobile ads are legitimate, there are a few bad ad networks that put users at risk," wrote Linden.
"Ad networks and advertisers are both the gatekeepers for vast amounts of personal data and an important part of the overall mobile ecosystem; it's important that they get user privacy right."
The devious ad networks have been able to continue operating due to a lack of clarification within the security community about what adware is.
"Currently, there is inconsistency in the way adware is classified by the mobile industry. This lack of clarity gets in the way of tackling the problem," wrote Linden.
"Today, we are announcing rules and standards for acceptable advertising practices that promote good user experience and privacy best practices. We will give the industry – ad networks, advertisers, app developers – a set amount of time to change their practices; if the advertising does not abide by these rules it will be classified as adware."
The definition will list any ad network that displays advertising outside of the normal in-app experience, harvests unusual personally identifiable information or performs unexpected actions as a response to ad clicks, without gaining the users' permission to do so, as adware.
Unmoderated advertising networks are a growing problem on mobile ecosystems. Android is by far the worst hit due to Google's ongoing policy of not pre-vetting applications and services loaded onto the operating system. Most recently Lookout discovered the BadNews malware targeting the Android ecosystem, which avoided detection by embedding itself in advertising networks hosted in legitimate applications.

Apple iPhone encryption causing police backlog

Apple iPhone 5 black 
Apple's iPhone has proven a hit with the general public, but the company's strong security protections are making the device less than popular with law enforcement agencies.
It seems that the encryption on the handset is proving to be so hard for authorities to crack that they have to petition Apple to manually unlock the handset by manually overriding the security controls and decrypting data needed for criminal prosecution.
Unfortunately, the iPhone is a major hit with the consumer market, a market which happens to include those who run afoul of the law. As such, there are so many police asking for iPhone decryption that Apple has found itself with a backlog of requests.
According to Cnet, law enforcement officials are being told that they will have to wait as long as two months to gain access to iPhone units connected to criminal investigations.
This is not the first time Apple's security protections have caught the eye of law enfrocement agencies. Earlier this year the US Drug Enforcement Agency issued a warning to agents that messages delivered over Apple's Messages App, which sends data over secured HTTP connections, was all but impossible to eavesdrop in in the course of investigations.
The issue rehashes an ongoing battle that has erupted between the need for law enforcement agencies to access data and the right for users to have their data protected from intrusion. Apple is not alone in being caught up in the crossfire. Blackberry has found itself in the crosshairs of government authorities over its strong security protections which can prevent government eavesdropping.

UEFA Champions League final brings security threats

Wembley Stadium
Security experts are warning football fans to exercise caution when browsing for information on this month's Champions League final after early reports of online scams surrounding the match.
Researchers with Symantec have spotted a series of spam attacks looking to dupe users into following links advertising travel, lodging and ticket services for the Wembley Stadium final on 25 May between Bayern Munich and Borussia Dortmund.
According to the Symantec report, the first wave of spam messages has surfaced in Italy with offers to sell tickets to the final. Additionally further spam campaigns have attempted to sell users on travel packages which include airfare and lodging, while others have offered exclusive party access and special viewing events for the match.
Researchers have said that while the spam attacks are advertising fraudulent ticket and viewing party offers, no reports of malware attacks were mentioned. The company is advising users to exercise caution and avoid dealing with any ticket or accommodation offers which are delivered via unsolicited emails.
Such activity is only likely to increase over the run-up to the final later this month. Such attacks commonly surface around sporting events and the web was rife with spam and malware scams during last year's London Olympics.
"Nowadays, cybercriminals are gaining a lot of interest in football, at least inasmuch as how to exploit interest in football to their advantage, and Symantec has recently blogged about cybercriminals continuing to show interest in football," noted Symantec blogger Anand Muralidharan.

#Anonymous #opPetrol will hit petroleum industry on the 20th of May 2013

It is known as black gold. Anonymous has published a new operation that will attack the Petroleum industry on the 20th of May. The operation seems to have an Islamic mindset as the operation founders are not happy with the fact that the currency that is being used to exchange the petroleum is based on the Dollar currency.

Gold and Silver

The operation founders stated in the Pastebin file that:
Because Petrol is sold with the dollar ($) and Saudi Arabia has betrayed Muslims with their cooperation. So why isn't Petrol sold with the currency of the country which exports it?
Because the Zionists own us like this \!/
Historically, the Currency of Muslims was not the paper money that you know today, it was Gold and Silver.
The new world order installed their own rules so that they can control us like robots.
In the future, there will be no money paper and coins. The NWO are planning, by 2020, to make "Electronic Money" (like credit cards).
It's a money that you can't see and you can't touch. So, i believe that human kind will become more and more like a machine, more robotic, and even more addicted to the seeming "convenience" of it.
I also believe that this will make it much easier for them to steal from us. They do not need to make wars to steal petrol, Gold, etc....
So we are in a "new world" called "Petro-Dollar" !!!!! :s :s s
We defend our dignity and the dignity of all races, even if they are not Muslims. We are not racists. You can call us Jihadists or "terrorists," whatever you want, BUT, the REAL terrorists know who they are, and so do we. \!/ They are the killers of innocents, the stealers of land, dignity, rights, and resources; they are the creators of the bombs, drones, and surveillance technologies that have stolen all that is sacred from us.
We are the new generation of Muslims and we are not stupid. We do not fear anyone or anything. We represent Islam. We fight together, We stand together, We die together.

Countries that are being attacked

The operation seems to target the following countries:
  • USA

Governments that will be attacked


Companies that might be affected

  • Shell
  • Aramco
  • British Petrolium
  • Total
  • Texaco.

AnonGhost o​f #opIsrael and #opUSA will help 

Resources have provided the information that the AnonGhost team that has initiated earlier attacks in #opIsrael and #opUSA will participate in the petrol operation.

Alleged Dominican head of New York ATM thefts was shot dead

An alleged leader of the New York arm of a global cyber crime ring, which stole $45 million from two Middle Eastern banks, was shot dead during an attempted robbery in the Dominican Republic last month, Dominican police said on Friday.
Alberto Lajud-Pena, 23, was killed on April 27 in a house in the city of San Francisco de Macoris about 100 miles northeast of the capital, Santo Domingo, according to police.
Investigators found $100,000 in cash in the house, as well as an M-16 assault rifle, two 9 mm pistols, a revolver, ammunition clips and a telescopic sight. The money and weapons belonged to Lajud-Pena, police said.
Lajud-Pena was one of eight men that U.S. prosecutors said on Thursday were part of the New York cell of an international criminal syndicate that perpetuated one of the biggest bank heists in the world.
The crime ring hacked into the networks of two credit card processing companies in December 2012 and February 2013, respectively, to steal prepaid debit card data which they used to fraudulently withdraw money from cash machines in 27 countries over a matter of hours.
The U.S. Justice Department said the New York group was led by Lajud-Pena and pulled $2.4 million from almost 3,000 ATMs in the city during the space of 10 hours in February. Lajud-Pena's alleged co-defendants are all Hispanic men who were arrested in Yonkers, a New York City suburb that is home to a large Dominican population, U.S. prosecutors said on Thursday.
Lajud-Pena was shot and killed by a gang of three men, of whom the leader was Carlos Manuel Jiménez, alias "La Vaca Loca" (Mad Cow), according to police in the Dominican Republic. Jiménez and the two men were in custody, police said.
It was not immediately clear if the gang or the $100,000 found at the house were linked to the cyber theft. U.S. prosecutors have said that $2 million in cash is still missing from the heists.
The global ringleaders of the cyber theft are believed to be outside the United States though prosecutors declined to give details, citing the continuing investigation. Arrests in the case have also been made in Germany, according to the Düsseldorf prosecutor's office.
The hackers are alleged to have increased the available balance and withdrawal limits on prepaid MasterCard debit cards issued by Bank of Muscat of Oman, and National Bank of Ras Al Khaimah PSC (RAKBANK) of the United Arab Emirates.
They then distributed counterfeit debit cards to "cashers" around the world, enabling them to siphon millions of dollars from cash machines in a matter of hours, the prosecutors said.

Germany arrests two Dutch suspected of global $45 mil cyber theft

German prosecutors said on Friday they had arrested two Dutch people suspected of involvement in a global cyber theft of $45 million from two Middle Eastern banks.(Reuter)
On Thursday U.S. prosecutors said a criminal gang had withdrawn the money from cash machines in 27 countries.
The Duesseldorf prosecutor's office said a 35-year-old male and a 56-year-old woman had been caught on February 19 withdrawing 170,000 euros in Duesseldorf using Bank of Muscat credit cards. In total, $2.4 million dollars had been withdrawn in seven German cities.
"We have arrested two Dutch people in Germany who apparently took part in this crime," a spokesman for the office said.
He added the two had come to Duesseldorf with the purpose of withdrawing the money in Germany. The two suspects are accused of computer fraud and faking credit cards.
Germany's BdB banking association said it was not aware of any banks in Germany suffering losses as a result of the scheme.
The hackers increased the available balance and withdrawal limits on prepaid MasterCard debit cards issued by Bank of Muscat of Oman, and National Bank of Ras Al Khaimah PSC (RAKBANK) of the United Arab Emirates, according to the complaint by U.S. prosecutors.
They then distributed counterfeit debit cards to "cashers" around the world, enabling them to siphon millions of dollars from cash machines in a matter of hours