Thursday, 25 July 2013

US Charges Hackers Over 160 Million Bank Card Numbers

NEW YORK CITY - US authorities indicted five men on Thursday on charges of running a global hacking operation that enabled them to steal the bank card numbers of more than 160 million people.
Prosecutors in Newark, New Jersey described the scheme as the largest hacking and data breach case ever prosecuted in the United States.
According to the indictment, the men -- four Russians and a Ukrainian -- targeted major payment processors, retailers and financial institutions around the world over the course of seven years, resulting in hundreds of millions of dollars in losses.
The defendants were charged with attacks on, among others, NASDAQ, Visa Jordan, the Belgian bank Dexia, and Diners Singapore. Just three of the corporate victims have reported combined losses in excess of $300 million.
"This type of crime is the cutting edge," New Jersey US Attorney Paul Fishman said.
"Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy and our national security."
The defendants were named as Russians Vladimir Drinkman, Alexandr Kalinin, Roman Kotov and Dmitriy Smilianets, and Ukrainian Mikhail Rytikov.
Only Smilianets is currently in US custody. He was arrested in the Netherlands last year along with Drinkman and extradited. Drinkman is awaiting an extradition hearing in the Netherlands. The other three suspects are still at large.
US investigators have been on the trail of the hackers for at least four years with Kalinin and Drinkman having been identified as Hacker 1 and Hacker 2 in a 2009 indictment of Albert Gonzalez, who was subsequently convicted and sentenced to 20 years in prison for accessing the confidential data of Heartland Payment Systems and other corporations in what was, until then, the biggest case of its kind.
The pair were described as specialists in penetrating network security and gaining access to the systems of major corporations. Moscow-based Kotov was said to be the expert in mining the networks his accomplices had opened up.
This involved installing malicious code, or malware, on compromised systems, enabling the harvesting of user names and passwords, means of identification and bank card numbers.
The US investigators regard the estimate of 160 million numbers obtained by the group as a conservative one.
The group was prepared to wait for months at a time for their efforts to break a particular company's security.
Instant message chats between the defendants indicate they had malware implanted on some companies' servers for over a year, according to investigators.
Rytikov, based in Odessa in the Ukraine, allegedly run the web-hosting services the hackers used to disguise their activities and Similianets, also a Muscovite, was said to be the person who sold on the information and shared the proceeds with the group.
A stolen American credit card number and the details needed to use it were said to be worth 10 dollars, a Canadian one $15 and a European one $50 to the identity theft wholesalers who bought the data.
They would then sell them on to individuals who could encode the data onto blank plastic cards and use them to buy goods or make cash withdrawals. Kalinin was named Thursday in a separate indictment in New York which accuses him of hacking into computer servers used by the New York technology market NASDAQ.
He is also charged by the New York authorities with a scheme to steal bank account information from US financial institutions in partnership with another Russian hacker, Nikolay Nasenkov.

Five Charged in Largest Hacking Scheme Ever Prosecuted in US

Global Hacking Operation Targeted Major Payment Processors, Retailers and Financial Institutions
The U.S. Attorney's Office today unsealed an indictment charging four Russians and a Ukrainian with a multi-million hacking scheme that netted 160 million credit card numbers from several major American and international corporations.
The charges stem from hacking attacks dating back to 2005 against several global brands, including the NASDAQ exchange, 7-Eleven, JC Penney, Hannaford, Heartland, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard.
Hackers Charged in Fraud OperationAccording to the indictment (PDF) unsealed today in Newark federal court, the five men each served particular roles in the scheme:
- Vladimir Drinkman, 32, of Syktyykar and Moscow, Russia, and Alexandr Kalinin, 26, of St. Petersburg, Russia, each allegedly specialized in penetrating networks and gaining access to the corporate victims' systems.
- Roman Kotov, 32, of Moscow, allegedly specialized in mining the networks  compromised by Drinkman and Kalinin to steal valuable data.
- Mikhail Rytikov, 26, of Odessa, Ukraine, allegedly offered anonymous web-hosting services for the others to hide their illegal activities.
- Dmitriy Smilianets, 29, of Moscow, allegedly sold the information stolen by the other conspirators and distributed the proceeds of the scheme to the participants.
Drinkman and Kalinin were previously charged as “Hacker 1” and “Hacker 2” in the famous case against Albert Gonzalez, who is now serving 20 years in jail in connection with a series of high-profile data breaches, including a massive breach at TJX.
Two of the five men -- Drinkman and Smilianets -- were arrested while traveling in the Netherlands last year and have been extradited to the U.S. to face charges. The other three remain at large.
According to court documents, the group allegedly took user names and passwords, means of identification, credit and debit card numbers and other corresponding personal identification information of cardholders.
The men allegedly used SQL injection attacks as the initial entry point into the computer systems of global corporations. Once networks were breached, the defendants allegedly placed malware on the systems.  According to the indictment, the malware used created a “back door,” leaving the system vulnerable and helping the defendants maintain access to the network.
In some cases, the defendants lost access to the system due to companies’ security efforts, but they were able to regain access through persistent attacks," according to court documents.
The group also used sniffers to to identify, collect and steal data from the victims’ computer networks and hijacked computers located around the world to store the stolen data and ultimately sell it to others.
To sell the stolen data, the U.S. Attorney's Office alleges that Smilianets packaged "dumps" and offered these to resellers around the world.  Smilianets was allegedly in charge of sales, vending the data only to trusted identity theft wholesalers. According to court documents, he charged approximately $10 for each stolen American credit card number and associated data, approximately $50 for each European credit card number and associated data and approximately $15 for each Canadian credit card number and associated data – offering discounted pricing to bulk and repeat customers," according to the indictment.
"Ultimately, the end users encoded each dump onto the magnetic strip of a blank plastic card and cashed out the value of the dump by either withdrawing money from ATMs or making purchases with the cards," it added.
The men face five years in prison for conspiracy to gain unauthorized access to computers; 30 years in prison for conspiracy to commit wire fraud; five years in prison for unauthorized access to computers; and 30 years in prison for wire fraud.

Overconfident? Introverted? Study reveals personality traits of “perfect” phishing victims

A new study aims to identify the sort of people who are most likely to fall for phishing scams – and has found that women, introverts and the overconfident are more likely to confuse “real” email with phishing scams.
Introverts are more likely to delete legitimate email thinking it is a scam, women are more likely to open phishing emails – and almost everybody is overconfident about their ability to spot fraudulent emails.
Kyung Wha Hong of North Carolina State University is studying the relationship between personality traits and susceptibility to phishing, in an effort to profile those most likely to fall victim. The project – part-funded by the NSA – aims to build new anti-phishing tools.
In “Keeping Up With the Joneses: Assessing Phishing Susceptibility in an E-mail Task,” Kyung Wha Hong’s participants completed a personality survey, and then asked them to read legitimate and spam emails, deleting them if they were suspicious.
Overall, people performed badly. Although 89% of the participants said they were confident in their ability to identify malicious e-mails, 92% of them misclassified phishing e-mails.
52% of participants misclassified more than half the phishing e-mails, and 54% deleted at least one authentic e-mail.
Women were less likely to identify phishing emails than men, the study found. People who self-reported as “less trusting, introverts, or less open to new experiences” were more likely to delete legitimate e-mails.
The paper will be presented at the upcoming 2013 International Human Factors and Ergonomics Society Annual Meeting.
ESET Senior Research Fellow David Harley warns that phishing emails are evolving rapidly to become more convincing in a detailed blog post here. Crucially, such emails are often getting through to inboxes of well-defended mail services – meaning that they may find a fresh audience. Harley says, “Right now malware and phishing forms apparently from reputable companies seem to be particularly successful at getting through mail services with exceptionally good filtering.”

Android spyware “on rise” as snooper apps multiply

Spyware is a growing threat on Android phones, according to research by Kindsight Labs, a division of Alcatel-Lucent.
A third of the top 15 Android threats detected by Kindsight Labs were spyware, the company said in its Q2 report. Kindsight provides security solutions to ISPs and mobile networks, and analyzes network traffic to detect malware trends.
“Malware and cybersecurity threats continue to be a growing problem for mobile devices, particularly for Android smartphones and tablets which are increasingly targeted,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs.
“Mobile spyware in the ‘Bring Your Own Device’ (BYOD) context poses a threat to enterprises because it can be installed surreptitiously on an employee’s phone and used for industrial or corporate espionage.”
Overall infection rates remain low, though, with 0.52% of mobile devices infected, according to Kindsight Security Labs Malware Quarterly Report.
“Another indication of Android malware growth is the increase in the number of samples in our malware database,” the report said. “In Q2 alone there has been a six fold increase in the number of Android malware samples. Trojanized apps from Google Play and third party app stores are the major infection vector.”
ESET’s detections of Android malware have also increased this year. ESET Security Evangelist Stephen Cobb says in a blog post, “The number of variants for four different families of Android malware jumped dramatically. This is a strong indicator of increased activity by those who distribute malware. These ESET numbers are global and appear in the ESET report: Trends for 2013: Astounding growth of mobile malware (PDF).”

Hacking Radio frequency identification (RFID) from 3Ft away

Security consultant Fran Brown has created a hacking tool that can capture data from RFID badges from up to three feet away a worrying development considering that up to 80 percent of US companies that use RFID access control systems still employ the vulnerable technology hacked by Brown.
What is RFID?
Radio frequency identification, or RFID for short, is used in a wide variety of everyday applications from the tracking of animals and humans to motorway toll collection and contactless payment systems. While some people may not know much about RFID, the chances are they have more than likely used it at one stage or another without even knowing it. If your dog has a microchip implant or you use an ID card to gain access to work then, whether you knew it or not, you have used RFID technology.
RFID uses radio waves to transfer data in order to automatically identify objects, or people or animals associated with those objects. An RFID system consists of at least one tag and one reader and there are several variations of both but one of the most common types of tags, and the type that is discussed in this blog and Brown’s research, is the 125KHz tag. Readers are two-way radio transmitter-receivers that send a signal to the tag and read the response.
The tag contains a radio frequency transmitter and receiver that receives the signal from the reader and responds by sending back whatever information is stored on it, such as a unique code for accessing a secure building for example. Tags are very small and can be placed inside ID cards, passports, DVD or CD cases, or even just under the skin.
Long-range hacking tool
125KHz tags are some of the most common and need to be placed in close proximity, 10cm or less, to the reader in order to receive and send a signal. In order to skim and then clone one of these cards, a malicious actor would need to either have access to the card or be extremely close to it which makes it a difficult thing to do. However, Brown has managed to modify an RFID reader so that it can read RFID tag data from a relatively long distance up to three feet.
What this basically means is that anyone with one of these readers could place it in a pocket and take a walk around a company car park for instance, collecting data from workers’ ID badges as they walk by. The badges could then be cloned and the attacker would have the same access as the owner of the cloned badge.
The customization of the RFID reader was done by creating a small printed circuit board that can be inserted into most commercial readers. The stolen tag information is stored on a micro SD card. The code Brown wrote, as well as all the details of the hack tool and customization will be made available after this year’s Black Hat security conference in Las Vegas, where Brown will present his research.
While this idea has been around for some time, Brown says that his method “is the difference between a practical and impractical attack.” Past research has consisted of theories and ideas with little if any actual working tools. He also states that, in tests, his tool has a hundred percent success rate.
125KHz tags are considered out of date these days and have no security guarding the information they contain. The data sent is not encrypted so once it is received by an attacker, all they have to do is clone a new tag. While there are newer options available that encrypt the data stored on the tag and also secure the communication between the tag and reader or use challenge response authentication methods, organizations are slow to migrate to the new technology. This may be due to cost and/or organizations not being aware of the security risks associated with 125KHz tags.
Brown says that his long-range RFID reader is “targeted toward the Fortune 500 security professional” but that “[a]s with any penetration testing tool, this […] can be turned malicious.”
Given this development, organizations using RFID access control solutions may want to look again at their existing systems and think about upgrading or introducing additional access control measures such as biometrics

Irish Office of the Data Protection Commissioner (ODPC)won't probe U.S. firms over Prism

A watchdog in Ireland, home to the European headquarters of Apple and Facebook, says it will not investigate them for transferring personal data to a U.S. spy agency because they have signed up to EU privacy principles.
The Irish Office of the Data Protection Commissioner (ODPC), had been challenged by an Austrian student activist group to investigate allegations that the U.S. National Security Agency harvests emails and other private data from the companies in a mass electronic surveillance program known as Prism.
But in an email published by the student group, europe-v-facebook, the ODPC said the companies were covered by 'Safe Harbour', a system that allows U.S. firms to certify themselves as compliant with EU data protection law by signing up to a set of principles supposed to safeguard how personal data are used.
The European Union adopted Safe Harbour in 2000, seven years before the NSA began the Prism program that was revealed by fugitive intelligence contractor Edward Snowden last month.
"We do not consider that there are grounds for an investigation under the Irish Data Protection Acts given that 'Safe Harbour' requirements have been met," the ODPC wrote to europe-v-facebook.
An ODPC spokeswoman told Reuters: "If something is agreed by the European Commission for the purpose of providing safeguards, that ticks a box under our jurisdiction."
Max Schrems, the founder of europe-v-facebook, said: "We have the impression that the ODPC is trying to simply ignore the complaints and the whole Prism scandal."
The 25-year-old law student is also awaiting responses to complaints he has filed against Yahoo in Germany and Microsoft and Skype in Luxembourg.
LEADERS PETITIONED
Snowden's leaks about NSA eavesdropping methods have caused widespread outrage among both friends and foes of the United States. Freedom-of-expression group Index on Censorship launched a petition together with five other campaign groups on Thursday calling on European heads of government to discuss the issue at their next summit in October.
Ireland, which has courted U.S. business for decades and offers attractive tax rates, is home to the European headquarters of some of the biggest U.S. technology companies including Microsoft and Google, which are also alleged to have cooperated with the Prism program.
The companies, which are restricted by law as to what they can disclose about their involvement, say they have not given direct access to their servers to any government agency, and have only provided user information in accordance with the law.
The Snowden affair has raised questions about the efficacy of Safe Harbour. The data protection commissioner for the German state of Bremen called on Wednesday for the European Commission to suspend it indefinitely in light of the "excessive surveillance by foreign secret services".
Viviane Reding, the European Commissioner for Justice, Fundamental Rights and Citizenship said this month: "The Safe Harbour agreement may not be so safe after all." A spokeswoman for her office said the Commission was working on an assessment of the agreement, which it would present by the end of the year.

MARYLAND AND ESTONIAN CIVILIANS TAKE UP ARMS AGAINST HACKERS

Maryland has started a volunteer netwarfare squad that the Estonian ambassador likens to her country's groundbreaking civilian cyber reserve, which was assembled after neighboring Russia allegedly shut down the former Soviet state's Internet access in 2007.
The "denial of service attack" paralyzed key industry and government networks for two weeks, and U.S. officials have warned that a similar Internet blackout could happen here soon.
Maryland's 175th Network Warfare Squadron is part of the state's Air National Guard. The squad "provides operational technical, analytical and language support to Air Force and national efforts to identify and mitigate cyber intrusion activities on Department of Defense networks," Maj. Wayde Minami, Maryland Air National Guard public affairs officer, said in an email.
Earlier this year, a bipartisan group of senators introduced legislation that would position a National Guard "Cyber and Computer Network Incident Response Team" in every state.  Members of the National Guard Association of the United States backed the measure. They noted that the "bill creates the teams by shifting positions and operations and maintenance funds to the Guard. No new budgetary authority would be created. Defense officials, according to the Guard association, oppose the conditions, arguing the teams would sap resources from department cyber efforts.
At a Georgetown University global cybersecurity summit in April, Estonian Ambassador Marina Kaljurand said a close parallel to her nation’s cyber reserve is the new Maryland program. Estonia's familiarity with the National Guard of the east coast state stems back to a partnership that began after the fall of the Soviet Union.  Since 1993, Maryland has helped Estonia transition to an independent nation and the pair now help one another promote stability and democratic principles.
In 2011, Estonian President Toomas Hendrik Ilves told Nextgov that the country's then-new “white-hatted hacker organization” gathers information technology professionals from banks, insurance companies and other private businesses who want to do something "defense-related" during the evenings or on weekends. “Since we live in this modern era, it's not only riding around in the woods with guns,” Ilves explained. “So why don't we set this thing up where you can volunteer and we will support you materially to work on defense? It's only about three months old but it’s widely popular among geeks.”
But there is some concern about cybersecurity firms or extremist groups becoming cyber mercenaries. At the Georgetown conference, Eric Rosenbach, the Pentagon's deputy assistant secretary of defense for cyber policy, said Defense does not want a cyber "militia."
Minami responded, "I assume the concern is about local groups forming ad hoc bands of 'cyber warriors' that have no legal authority to exist. This is definitely not the case with the 175th Network Warfare Squadron, which is a federally recognized military unit, just like any other in the Air National Guard.”
Homeland Security Department officials have been supportive of the concept of a National Guard-like band of cyber specialists to ensure capable professionals are on tap in times of national crises.
The House also has attempted galvanizing a formal cyber national guard. A 2002 law permits Homeland Security to create a volunteer “NET Guard” for cyber response. An attempt at cybersecurity reforms last year would have required that DHS officials consider using grants to get the effort going and maintain it through a “national volunteer experts registry system.

GCHQ and MI5 push all FTSE 350 firms to have cyber security audit


Digital security padlock red image
Top government spy agencies GCHQ and MI5 are backing audits of the cyber security strategies at the UK’s top firms in order to assess their preparedness against the threat of cyber attacks.

The agencies have added their support to a letter, sent by the department of Business, Skills and Innovation (BIS), to the UK’s top FTSE 350 firms offering to carry out Cyber Governance Health Checks. However, it is unclear who would carry out the health checks, and what specifically the audit would entail.

The letter, a copy of which has been seen by V3, outlines the threats facing firms from cyber attacks and the need to ensure adequate measures are in place to protect data and systems.

“The cyber threat is diverse and continues to grow, from those looking to seize commercial advantage and intellectual property to those looking to destroy critical data and undermine the integrity of systems,” it reads.

“Cyber attacks against companies are already causing significant damage to personal and organisational reputations and revenues.”

As such, the audits are designed as a chance for firms to have their cyber security practices audited and anonymously scrutinised against their peers. This information will then be used to help firms understand where they could improve their strategies.

“The Cyber Governance Health Check will provide a free and confidential set of conclusions and a comparison of your business against its peers, helping inform subsequent vulnerability discussions between the company and its external auditor," it adds.

"This will better enable you and your board to understand and manage risks that have the potential to cause major damage to your business.”

The programme is expected to begin in September and the government is hoping the initiative will lead to increased dialogue between industry and government on how best to tackle the scourge of cyber threats.

The move comes a day after UK retailer Lakeland revealed it was hit by a sophisticated cyber attack on two of its databases that forced the firm to reset all customer passwords as a precaution.

PRISM: US politicans narrowly pass bill giving more funding to NSA spy programme


Capitol Hill
The US senate has narrowly passed a bill approving the ongoing funding for the National Security Agency’s (NSA) PRISM spy programme, after representatives attempted to block the controversial programme.

The vote was passed 217 to 205, as reported by the Associated Press, during a wider debate on overall defence funding for the US, and was a chance for those who have spoken up over the PRISM programme to try and stifle efforts to allow it to continue.

Republican Justin Amash, said that those in the Senate owed it to the US citizens to stop the collection of data as it was being touted as vital without any real justifications.
"Opponents of this amendment will use the same tactic that every government throughout history has used to justify its violation of rights: fear. They'll tell you that the government must violate the rights of the American people to protect us against those who hate our freedom,” he said.
However, just enough backers of the programme voted for it to continue, claiming it was a vital part of the security service’s ability to try and protect the US.

Despite losing the amendment Amash said on Twitter afterwards that he would continue to fight the government’s survelliance of its own citizens.
PRISM has generated political strife across the world, with the UK forced to defend its own spy agency, GCHQ, from claims over its involvement, while the whistleblower who released the information, Edward Snowden, has been holed up in Russia for four weeks seeking asylum.

#opIslam: Israeli hackers initiate Operation Islam

#opIslam is an operation that has been initiated by the hacking group IsraeliElite. The hackers are going to launch the operation on the 26th of June. The Israeli hackers are asking the world to assist #opIslam in the fight against cyber terrorism.

The cyberwar IsraeliElite is waging 

The Israeli hacking group has made an #opIslam youtube channel that can be found here. The channel has been setup on the 8th of June, 2013 and it has 158 views at the moment. The channel also forwards to an Facebook page called ZionOps.

opIslam website 

The operation has its own website online at www.opislam.com - the website shows information about the #opIslam operation and the #opIsrael operation. When you take a look at the whois information you will see that the website is being hosted by a provided in Panama.
Operation Islam

opIslam video transcript

Greetings hactivists and people of the world. We are sending this message to appeal to the tired and downtrodden people who oppose radical islam over the whole Earth. We are calling on everyone, from the Philippines to Michigan, to Toronto, to London, and Sweden to make their opposition to the tyranny of Islam known and heard. Recently radical islamists have started waging full scale jihad through disrupting internet services and sites belonging to people they disagree with, hate, or want to do harm to. We call on people to fight this Islamic cyber jihad. On July the 26th an operation to combat this cyber terrorism will be launched. The operation, named opislam, will begin.
This operation is not against all muslims, just the terrorists who always uses their religion to justify their actions. Our self-defense, and retaliation was not something we decided on quickly. We reluctantly fight a battle we did not start. Though this is not a conflict of our choice, we will fight on our terms, not the enemy's terms. We are making a stand because our conscience tells us we have to. We fight back because we are tired of watching our people being murdered, children rapped and abused, and tired of the incessant attempts of the quote moderate end quote muslims to impose sharia law via ballot boxes and censoring everyone who dares to talk about their action and what is really going on. In Europe whole cities go up in flames and the western media won't say a word about it. They are either complicate propagandists or scared of winding up like the unfortunate young man in London.
As recent events in the United Kingdom have demonstrated, the broad daylight terrorism which once was the sole providence of the middle east has spread to your streets, in your capitals and your very front yards. Radical islam is not hard to spot in the world, it's the abu saif Islamic terrorist group making trouble in the Philippines, Islamic groups in the America's attacking people who speak out against them, and the Islamic youth in Europe who seem to riot monthly now. How much worse does it have to get before sane people say enough?
Our grievances with radical islam and moderate islam are as follows. Moderate islam seems incapable or unwilling to police the extreme members of their society. Radical islam seeks world domination either through willing conversion or at the end of a sword. Radical islamists brazenly commit brutal acts of barbarism like decapitating someone with kitchen knives and then claims to be victims. It is not westerners that gives them a bad name, its the criminals that terrorize and murder innocent people in the name of their religion, islam, that gives their society a bad reputation.
Acting like savage marauders from the dark ages in today's civilization is unacceptable. Attempting to set in place and enforce a draconian legal system from a few thousand years ago is unacceptable. Waging asymmetric warfare, hiding behind women and children, crying about being a victim while brutally murdering people in cold blood is unacceptable.
.......
While western governments seem to have surrendered to the madness, the citizens of the west do not have to surrender along also. Getting mad at people who kill your citizens in barbaric fashion is not a crime. Having issues with people who share the same goals as the murderers is also not a crime. Talking about the people who kill your fellow citizens, terrorize your society, and prey on your children should not be a crime. Arresting a pregnant woman for holding her nation's flag in her nation's capital is just a crying shame, and should be a crime.
.......
Islamic fundamentalists hide themselves and their weapons of terrorism behind their own women and children in the Middle East. Islamic radicals and the people who share their goals hide behind their religion, government enforced censorship, and intellectually dishonest arguments in the west. Their actions across the globe from the Abu Saif in the Philippines, to the honor killings and harassment of decent citizens in North America, to the barbaric killing of people all over Europe and burning their towns to the ground has spoken for them.

AnonGhost 

The hacking group AnonGhost is one of the hacking groups that represent Islam - this is one of the groups that has responded to the #opIslam operation. AnonGhost is known of their previous operations on #opUSA, #opPetrol and #opIsrael.

Iranian NGO Invites Snowden to Iran to Reveal NSA espionage operations

An Iranian NGO named 'Justice-Seekers without Borders' in a letter to fugitive former National Security Agency employee Edward Snowden invited him to visit Iran and reveal the details of Washington's espionage operations against the country.
"Since one of the United States' illegal actions disclosed by you is spying on the Iranian citizens, we invite you to visit Iran and elaborate on the US administration's measures in this regard in detail," the letter said on Wednesday.
The letter expressed pleasure in the US failure in detaining Snowden, and stressed that the Iranian people will remain beside those who fight for truth and pay the price for their resistance.
After Snowden's revelations, Tehran deplored the US for conducting espionage operations against Iran.
"...Iran has always been one of the targets of the US espionage operations and the US officials have repeatedly pointed to this issue," Iranian Foreign Ministry Spokesman Seyed Abbas Araqchi said earlier this month.
Araqchi described the US espionage operations as interference in Iran's internal affairs, and said, "This move is not acceptable at all."
The British Guardian daily acquired top-secret documents about the US National Security Agency (NSA) datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks.
A snapshot of the Boundless Informant data, contained in a top secret NSA "global heat map" seen by the Guardian, shows that in March 2013 the agency collected 97bln pieces of intelligence from computer networks worldwide.
The heat map reveals how much data is being collected from around the world. Note the '2007' date in the image relates to the document from which the interactive map derives its top secret classification, not to the map itself.
Iran was the country where the largest amount of intelligence was gathered, with more than 14bln reports in that period, followed by 13.5bln from Pakistan. Jordan, one of America's closest Arab allies, came third with 12.7bln, Egypt fourth with 7.6bln and India fifth with 6.3bln.
The heatmap gives each nation a color code based on how extensively it is subjected to NSA surveillance. The color scheme ranges from green (least subjected to surveillance) through yellow and orange to red (most surveillance).
The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications

Stanford Univercity Hacked scope of the intrusion Unknown

Stanford univercity report that investigating apparent IT breach and urges users to update passwords.
In an email to the Stanford community on Wednesday evening, Randy Livingston, vice president for business affairs and chief financial officer said the following:
Stanford is investigating an apparent breach of its information technology infrastructure similar to incidents reported in recent months by a range of companies and large organizations in the United States. We do not yet know the scope of the intrusion, but we are working closely with information security consultants and law enforcement to determine its source and impact. We are not aware at this time of any protected health information, personal financial information or Social Security numbers being compromised, and Stanford does not conduct classified research.
As a precautionary measure, we are asking all users of Stanford's computer system – that is, all those with a SUNet, or Stanford University Network, ID – to change their passwords. This may be done on the "Accounts" page of the Stanford website.  (You can find the "Accounts" page by going directly to the main stanford.edu website.) Additional information is posted on that page verifying the nature of the issue and the University's request that passwords be updated. As we learn more about the incident, this process may need to be repeated.
Stanford treats information security with the utmost seriousness and is continually upgrading its defenses against cyberattacks. Like many institutions, it repels millions of attempted attacks on its information systems each day. In recent months, a range of large organizations have reported attacks involving their information systems. Preliminary indications are that the breach at Stanford bears many similarities to these incidents. We are unable to provide additional detail at this time, given the ongoing nature of the investigation and the importance of limiting any damage from the incursion. We will provide updates to users of our systems as more information becomes

largest hacking and data breach scheme ever in U.S. by Russian&Ukrains hackers

Prosecution of 4 Russian and 1 Ukrain national started today in Newark, N.J they have been charged with running a sophisticated hacking organization that over seven years penetrated computer networks of more than a dozen major American and international corporations.report (AP)
The hackers have sold more than 160 million credit and debit card numbers and sold them to resellers around the world.
NASDAQ, 7-Eleven Inc., Heartland Payment Systems Inc., French retailer Carrefour S.A. and the Belgium bank Dexia Bank Belgium are amoung victims.
The defendants are Russians Vladimir Drinkman, Aleksander Kalinin, Roman Kotov and Dmitriy Smilianets, and Ukrainian Mikhail Rytikov.

IBM unveils QRadar Vulnerability Manager security tool


ibm-black-posdesign-rgb
IBM has launched new real-time security management tools, including its QRadar Vulnerability Manager (QVM), which it said combs through potential security flaws and presents them to security officers in a more manageable format.
QVM lists results from multiple security scanners alongside the latest X-Force Threat Intelligence reports and listings from the National Vulnerability Database to allow users to quickly get a grasp on which potential problems present the highest risk.
The software also includes an embedded, PCI-certified scanner, which can be scheduled to run periodically or triggered based on network events.
Brendan Hannigan, general manager at IBM Security Systems said the firm's new product launch was a timely one. "Traditional vulnerability management solutions are fundamentally broken," he explained. "Vulnerability scanning today lacks network-wide visibility, contextual awareness and real-time scanning. These gaps mean even well-known and preventable vulnerabilities can be lost in an overload of data, leaving organisations exposed to high risks."
Murray Benadie, managing director of IBM partner Zenith Systems said he believed the new software was significant. "It can cut a huge list of vulnerabilities in half, if not more," he said. "Users will quickly see vulnerabilities on their networks, without trying to mash products together – that is how information falls through the cracks."
In addition, the firm announced that it would be enhancing its intrusion prevention platforms with the introduction of IBM Security Network Protection XGS 5100, which includes better detection of SSL-based attacks. The update also allows security officers to issue a "virtual patch"; technology which provides protection from ongoing unpatched security flaws.
On Friday, IBM revealed its Q2 2013 financial results, with profits seeing a drop but its mainframe and software departments experiencing growth.

Mimecast expands Outlook service with large file support

Mimecast unified email management logo
Email management firm Mimecast has expanded its hosting offerings with the addition of support for large files on Outlook servers.
The service will allow users to transfer files across the Outlook platform while maintaining a secure connection which can be monitored by IT administrators.
Using a web-based service, the Mimecast platform will provide a cloud-based platform which will keep data secure while removing restrictions on file size. Users are able to transfer attachments which are stored in a hosted cloud which can be accessed by administrators.
The company said that the service will help to not only secure data transfers, but also maintain data for auditing and reduce server costs by holding data on an offsite server. Mimecast hopes that the service will help to deter users from relying on unsecured and unaudited consumer file transfer platforms.
Before today, organizations either simply block large file sending over their email systems or implement business solutions that are expensive, complicated and unpopular with users,” said Mimecast product manager Grant Fletcher.
It’s not surprising that users turn to easier-to-use consumer services. Consumer cloud file sharing services have become a shadow IT menace as using them leads to business critical or confidential information leaving the safety of the controlled corporate network.”
The release builds upon a Mimecast service which looks to provide enterprises with a secured platform for local enterprise email services. The service provides companies with a secured archive for attachments while maintaining files for reference and audit by IT staff.