CyberGuerre: Just another Blog about cyber criminality and Geek news. Enjoy.<br />
<br />
17-year-old hacker arrested for KPN hack by Dutch government<br />
Posted by cyber-guerre on 2012-03-31<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPanbOrl_vCwGn0FAXx5-1QGQgh_htPH6RRE1G3dwiin9xIwThPhX8VxUb47pYiqUJjZILaWPdcw8Giu25KS_4q8x7KDKhkwKgz2u6cydAcrBbQFfbvtfj7MGeHKVY-db0tvKsoXys4aA/s1600/Razvan-Manole-Cernaianu.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgUPanbOrl_vCwGn0FAXx5-1QGQgh_htPH6RRE1G3dwiin9xIwThPhX8VxUb47pYiqUJjZILaWPdcw8Giu25KS_4q8x7KDKhkwKgz2u6cydAcrBbQFfbvtfj7MGeHKVY-db0tvKsoXys4aA/s400/Razvan-Manole-Cernaianu.jpg" width="400" /></a></div>The High Tech Crime Team of the National Crime Squad in the Netherlands has arrested a 17-year-old boy on suspicion of hacking into KPN.<br />
The 17-year-old is suspected of the hack at KPN that took place on 16 January. He was arrested last Tuesday. The police seized an encrypted computer, two laptops and data carriers. During the hack the attacker gained access to hundreds of KPN servers, possibly because of the company's own poor security. There was controversy when details were published on the Internet, but these came from another hack, namely that of the shop Babydump.nl.<br />
<span id="more-5274"></span><br />
The boy used the aliases <strong>xS</strong> and <strong>Yui Yoshioka</strong>. He reportedly bragged about the digital intrusion on a chat channel of Korean students. The cyber team followed him on the internet for weeks. The boy is therefore suspected of hacking Tohoku University in Japan, the University of Trondheim in Norway and KAIST in Korea.<br />
<br />
<a name='more'></a><br />
The 17-year-old probably also manages a website where the details of stolen credit cards are traded.<br />
The judge has ordered the boy, who is from Barendrecht, held in custody for two weeks pending judgment. His arrest was kept quiet because of the ongoing investigation.<br />
KPN has announced that it has taken note of the arrest.</div><br />
#Anonymous Message to #HomelandSecurity<br />
Posted by cyber-guerre on 2012-03-31<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/pJ5IfyDg04M" width="420"></iframe><br />
<br />
<div dir="ltr" style="text-align: left;" trbidi="on">Greetings Homeland Security, we are Anonymous.<br />
It’s been fun hasn’t it? These games we’ve played.<br />
As you have seen, we the people veto the power grab of corporations and agencies over the internet.<br />
We have read your blueprints, we know that your masters will not relent in their quest for complete power.<br />
It may interest you to know that those you serve are multinational, their loyalty is only to power and profit, they are using you as pawns.<br />
As we speak they have disregarded the will of the people and are forcing through several Acts that will fill the purposes of SOPA.<br />
<br />
<a name='more'></a><br />
We understand the future you envision for the internet.<br />
We understand that you convince yourselves that you are creating a safer and more secure future.<br />
We understand the need to secure critical infrastructure.<br />
However, this is not what you are doing.<br />
You are creating an internet in which monolithic entities will completely control the free flow of information.<br />
Worse.<br />
You are creating a police state surveillance society in which corrupt and treasonous contractors, corporate overlords, and bought politicians will hold unlimited power over your nation’s citizens.<br />
You are fulfilling the complete conquest of your nation by oligarchs and plutocrats who are disconnected from the plight of the people they were put in power to serve, and controlled by profit interests and imperial ambitions.<br />
You are fulfilling Orwell’s vision of a dystopian future.<br />
The world you are creating is one of utter hopelessness.<br />
Your goals do not serve the protection and security of the American People.<br />
They serve the protection and security of profit interests, and of corrupt and despotic tyrants.<br />
You are trained to think in metrics, to follow orders, to sort data, to simply consider how to fulfill your goal.<br />
If you have not seen the corruption of those who have stolen the rightful power of the people, and if you do not care to uphold the constitution, then go back to work.<br />
But if you do see the corruption that has become so clear to the American Public, then consider this.<br />
Your department exists for the purpose of Homeland Security.<br />
What would be the appropriate reaction to the cognition that your department is a threat to Homeland Security?<br />
What would be the appropriate reaction to the cognition that your department is a threat to the people of their homeland?<br />
What should a patriot do upon the realization that those further up the chain of command do not serve the interests of their nation?<br />
We are the Data Angels, inviting you to join us.<br />
Leak Harvest Archive and Compile all illicit information, expose all corruption.<br />
You must Dissent.<br />
We Are Anonymous.<br />
We Are Legion.<br />
We Do Not Forgive.<br />
We Do Not Forget.<br />
Expect us. Join us.</div></div><br />
Android Reverse Engineering (A.R.E.) Virtual Machine available<br />
Posted by cyber-guerre on 2012-02-28<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="content"> <div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtlEc2u6PtEI7GvADvS9fc9fpVauS0hnI8CvhVZvybjPaVeJZjC7u4BufU5ulm5d-1yEP5-3tg54NIOVQcoTm12wAuinNBQyMCPXmHW_seTjmThfcjRQI0SHZjmTqbDE_hEgCt9t0znsot/s1600/timthumb.php.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="214" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtlEc2u6PtEI7GvADvS9fc9fpVauS0hnI8CvhVZvybjPaVeJZjC7u4BufU5ulm5d-1yEP5-3tg54NIOVQcoTm12wAuinNBQyMCPXmHW_seTjmThfcjRQI0SHZjmTqbDE_hEgCt9t0znsot/s400/timthumb.php.jpg" width="400" /></a></div><div style="text-align: justify;">The Honeynet Project is happy to announce the release of the Android Reverse Engineering (A.R.E.) Virtual Machine.</div><div style="text-align: justify;">Do you need to analyze a piece of Android malware, but don't have all your analysis tools at hand? The Android Reverse Engineering (A.R.E.) Virtual Machine, put together by Anthony Desnos from our French chapter, is here to help. A.R.E. combines the latest Android malware analysis tools in a readily accessible toolbox.</div><div style="text-align: justify;">Tools currently found on A.R.E. are:</div><ul style="text-align: justify;"><li>Androguard</li>
<li>Android sdk/ndk</li>
<li>APKInspector</li>
<li>Apktool</li>
<li>Axmlprinter</li>
<li>Ded</li>
<li>Dex2jar</li>
<li>DroidBox</li>
<li>Jad</li>
<li>Smali/Baksmali</li>
</ul><div style="text-align: justify;">You can download A.R.E. for free from <a href="http://redmine.honeynet.org/projects/are/wiki">http://redmine.honeynet.org/projects/are/wiki</a>.</div></div></div><br />
Gmail & Yahoo India emails will be monitored by force of governmental law<br />
Posted by cyber-guerre on 2012-02-23<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6LB-GqaEG_j6jON1v15WCOtAjR_Xcgoqv0JOlo9BgIbl8sf1YqdnODj3OBzkUMuzOSnozyuJIny-ps7qhugiUAMt1QugZb-wiPOToMRQ9dPD4SztS3ATsK7d0QAz5YWzwdxSmOBoPEeYt/s1600/cmalarnews_90139406920.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6LB-GqaEG_j6jON1v15WCOtAjR_Xcgoqv0JOlo9BgIbl8sf1YqdnODj3OBzkUMuzOSnozyuJIny-ps7qhugiUAMt1QugZb-wiPOToMRQ9dPD4SztS3ATsK7d0QAz5YWzwdxSmOBoPEeYt/s400/cmalarnews_90139406920.jpg" width="385" /></a></div><div style="text-align: justify;">It looks like the Government of India is really going after digital communication in India. Internet content providers Yahoo, Gmail and others would be asked to route all emails accessed in India through the country, even if the mail account is registered outside the country. In a written statement filed in a civil court here, Yahoo India has dubbed a suit filed against it and several other websites alleging that they hosted objectionable content as “<b>motivated</b>” and an “<b>abuse of the process of law</b>.”</div><div style="text-align: justify;"><a name='more'></a><br />
</div><div style="text-align: justify;">The Government of India wants all email accessed by Indians to be routed through servers physically located in India, even if the email account was created outside India. The government is ensuring that the security agencies will have direct, real-time access to digital communication among Indians. The need for this was felt after security agencies failed to access the accounts of suspected Indian Mujahideen terrorists during the surveillance period, as the accounts had been opened in a European country.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Research In Motion (RIM) has already set up a server in Mumbai, and the server has been examined by Indian security agencies. It’s now clear that Google, Yahoo and other content providers too will have to follow the Government’s instructions.</div></div><br />
How to Remove Your Google Search History Before Google's New Privacy Policy Takes Effect<br />
Posted by cyber-guerre on 2012-02-23<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGVggDSaugPW4Dp4SMBWgvrc7Kvmgoj_7I-GCrdKXfPCGAfGZYWhTMBDlEEM7jm48ZgslTSkFeEIZSqRTLH4B8feaH3uDzCM2qm2AwOJNrGuXXFXjY5tzrUBo2Sn51x6x7clqHK1k0tjrz/s1600/new-google-privacy-policy-2010.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGVggDSaugPW4Dp4SMBWgvrc7Kvmgoj_7I-GCrdKXfPCGAfGZYWhTMBDlEEM7jm48ZgslTSkFeEIZSqRTLH4B8feaH3uDzCM2qm2AwOJNrGuXXFXjY5tzrUBo2Sn51x6x7clqHK1k0tjrz/s400/new-google-privacy-policy-2010.jpg" width="400" /></a></div><div style="text-align: justify;"><i>It is important to note that disabling Web History in your Google account will not prevent Google from gathering and storing this information and using it for internal purposes.</i></div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">On March 1st, Google will implement its new, unified privacy policy, which will affect data Google has collected on you prior to March 1st as well as data it collects on you in the future. </div><a name='more'></a>Until now, your Google Web History (your Google searches and sites visited) was cordoned off from Google's other products. This protection was especially important because search data can reveal particularly sensitive information about you, including facts about your location, interests, age, sexual orientation, religion, health concerns, and more. If you want to keep Google from combining your Web History with the data they have gathered about you in their other products, such as YouTube or Google Plus, you may want to remove all items from your Web History and stop your Web History from being recorded in the future.<br />
<div style="text-align: justify;">Here's how you can do that:</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">1. Sign into your Google account.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">2. Go to https://www.google.com/history </div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">3. Click "remove all Web History."</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">4. Click "ok."</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Note that removing your Web History also pauses it. Web History will remain off until you enable it again.</div><div style="text-align: justify;">Note that disabling Web History in your Google account will not prevent Google from gathering and storing this information and using it for internal purposes. It also does not change the fact that any information gathered and stored by Google could be sought by law enforcement.</div><div style="text-align: justify;">With Web History enabled, Google will keep these records indefinitely; with it disabled, they will be partially anonymized after 18 months, and certain kinds of uses, including sending you customized search results, will be prevented.</div><div style="text-align: justify;">If you have several Google accounts, you will need to do this for each of them.</div><br />
<br />
<br />
</div><br />
Anonymous message to the NSA: For once don't expect us.<br />
Posted by cyber-guerre on 2012-02-23<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><br />
<br />
<iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/p-FaaWYIqgY" width="560"></iframe><br />
<br />
<div style="text-align: justify;">Greetings NSA,</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">We are Anonymous.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Your statement regarding the potential future sabotage of power grids by Anonymous, disgusts us to the core, as it is clearly an attempt at fear mongering. The idea that Anonymous would shut down one of the most vital resources for it to operate, is ludicrous.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">While security and intelligence organizations throughout the world attempt to depict Anonymous as a 'terrorist organization', many people understand that this same subset of Anonymous they speak of, is actually a movement for freedom. This appears to scare government organizations, to the point where they might do anything in an attempt to discredit Anonymous, and make people believe Anonymous exists solely to harm innocent people.</div><div style="text-align: justify;"><br />
<a name='more'></a><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Are these claims and predictions an attempt to falsely accuse Anonymous of something that will happen in the future - maybe even being orchestrated by the same government organizations that are now already blaming Anonymous? Many people have warned about the sad state of the power grid infrastructure in the past, but why would we shut down our own computers and other communication tools?</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">Thousands of people rely on electricity for everything they do; hospitals even need this electricity to save lives, and taking out the power grid would cause harm to the very people we wish to protect.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">There is no valid reason for us to shut down the power grid, as far as we are aware. Any such predictions by the various government, security, and intelligence organizations are likely attempts to instill fear into those that don't understand this, and to discredit Anonymous as a whole.</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">We are Anonymous.</div><div style="text-align: justify;">We are legion.</div><div style="text-align: justify;">We do not forgive.</div><div style="text-align: justify;">We do not forget.</div><div style="text-align: justify;"><span style="font-size: small;"><b>For once don't expect us.</b></span></div></div><br />
Morocco Telecom main ISP Blocks All VoIP Services!<br />
Posted by cyber-guerre on 2012-02-21<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="http://www.vpnchoice.com/blog/wp-content/uploads/2011/07/skype-no-entry.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="400" src="http://www.vpnchoice.com/blog/wp-content/uploads/2011/07/skype-no-entry.png" width="400" /></a></div><div style="text-align: justify;">According to the Moroccan blog Moroccan Geeks [French], Skype and all other VoIP services have been blocked in the country; the blog points to an article from the Moroccan newspaper Al Sabaheya confirming the news [Arabic].</div><div style="text-align: justify;">While services are more often than not blocked by authoritarian governments, Skype usually finds itself targeted by mobile operators and telecom providers, as was the case for Skype itself in Egypt.
In Morocco, it would appear the move has been made in an attempt to create a monopoly on calling options available in the country.</div><div style="text-align: justify;">According to Moroccan Geeks, Skype is a popular mode of communication in the country, adding that it, along with other VoIP services including TeamSpeak and Viber, has also been affected by the block.</div><div style="text-align: justify;">The blog goes on to say that the telecom provider is <i>'protecting itself against competition, pushing customers to use its own services instead of free services like Skype, TeamSpeak or Viber.'</i></div><div style="text-align: justify;">According to the newspaper Al Sabaheya, the move comes at a time when Maroc Telecom is promoting its own VoIP service, MTBOX. Over the past few months, accessing Skype in Morocco has proved difficult, with complaints of poor call quality and dropped calls, and at the time, users speculated whether it was an intentional move on the part of Maroc Telecom.</div><div style="text-align: justify;">With the latest blog posts, tweets and Facebook posts coming out of Morocco, it’s safe to assume that Skype and other VoIP services are no longer welcome on Maroc Telecom’s network.</div></div><br />
2012 April Fools' joke: Anonymous hackers vow to shut down Internet!!<br />
Posted by cyber-guerre on 2012-02-21<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="http://i.zdnet.com/blogs/dns-facebook-down-btl-zaw2.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="194" src="http://i.zdnet.com/blogs/dns-facebook-down-btl-zaw2.png" width="400" /></a></div><div style="text-align: justify;">Anonymous, or someone pretending to be part of the elusive
hacktivist network, has threatened to launch a coordinated cyberattack that would effectively shut down the worldwide Internet. But a few notable errors in the group's manifesto announcing the mission may reveal this to be merely an April Fools' Day hoax.</div><div style="text-align: justify;">On Sunday, an announcement appeared on the file-hosting site Pastebin declaring March 31 as the day "anonymous will shut the Internet down." Called "Operation Global Blackout," the massive cyberattack, the message claims, is a protest against <i>'SOPA, Wall street, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun.'</i> It's not designed to kill the Internet, but to temporarily take it down to prove the hackers' point.</div><a name='more'></a><br />
<div style="text-align: justify;">A lofty goal, certainly, but the author of the message — he or she didn't sign it, and the Pastebin post was uploaded by a guest — has the Internet destruction plan mapped out.</div><div style="text-align: justify;">Operation Global Blackout (OpGlobalBlackout) calls for supporters to download a Denial-of-Service launching tool, called Ramp, which will flood the 13 root Domain Name Servers (DNS) of the Internet with more requests than they can process.</div><div style="text-align: justify;">DNS, Robert David Graham from Errata Security explained in a blog, <i>'is like the phonebook of the Internet that translates machine names (like www.facebook.com) to network addresses (like '66.220.158.25'). If hackers can disable the global DNS name system, then typing in your favorite website into your browser will produce an error.'</i></div><div style="text-align: justify;">Anonymous said the global shutdown <i>'may only lasts (sp) one hour, maybe more, maybe even a few days,'</i> the author wrote. <i>'No matter what, it will be global. It will be known.'</i> Graham explained that there are 13 root domain servers in the world, but it isn't as easy to take them out as Anonymous thinks. Each one is managed by a different organization, uses different hardware and software, and therefore, <i>'a technique that might take out 1 of them likely won't affect the other 12.'</i></div><div style="text-align: justify;">Then there's anycasting (another reason Graham believes Anonymous can't succeed with this plan), which tweaks the Internet routing table and redirects traffic for DNS servers to other servers located throughout the world.</div><div style="text-align: justify;">Kim Davies from the Internet Corporation for Assigned Names and Numbers (ICANN) put it more succinctly: <i>'There are not 13 root servers.
There are many hundreds of root servers at over 130 physical locations in many different countries.'</i> The number 13, Davies wrote, is a <i>'technical design limitation that means 13 is a practical maximum to the number of named authorities in the delegation data for the root zone.'</i></div><div style="text-align: justify;"><i>'The Anonymous hackers can certain(ly) cause local pockets of disruption, but these disruptions are going to be localized to networks where their attack machines are located,'</i> he wrote. <i>'They might affect a few of the root DNS servers, but it's unlikely they could take all of them down, at least for any period of time. On the day of their planned Global Blackout, it's doubtful many people would notice.'</i></div><div style="text-align: justify;">If Anonymous really plans to carry out this master plan, maybe the hackers should have chosen a different day. As it is now, Andy Greenberg from Forbes thinks the blackout plan is an elaborate April Fools' joke, or, as he wrote, <i>'another example of the dare-you-to-react trolling that Anonymous has refined to an art form.'</i></div><div style="text-align: justify;">Noted security researcher Dan Kaminsky said the media hype surrounding the announcement may in fact be more damaging than what the hackers do — if they actually do anything, that is.</div><div style="text-align: justify;"><i>'When you set a deadline, the press gets all 'doomsday is coming,' and that's more disruptive than any actual outrage,'</i> Kaminsky told Forbes. <i>'Anonymous doesn't need to do anything on March 31.
The mere threat is enough to keep people talking about them and what they represent.'</i></div></div><br />
Greek hackers (GHS) join Anonymous attacks<br />
Posted by cyber-guerre on 2012-02-21<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="http://www.zimo.co/wp-content/uploads/2012/02/anonymous-greece-e13099460986651.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="330" src="http://www.zimo.co/wp-content/uploads/2012/02/anonymous-greece-e13099460986651.jpg" width="400" /></a></div>Three Greek hackers have been arrested and accused of hacking and defacing a government web site. The attack happened at the start of February, and the three are accused of defacing the Greek Ministry of Justice web site with a protest message, according to a report on the Greek news web site in.gr.<br />
<br />
<div style="text-align: justify;"><i>'What is going on in your country is unacceptable. You were chosen by your people to act on behalf of them and express their wishes, but you have derogatorily failed,'</i> says the message that is still available on YouTube. <i>'You have killed the most sacred element your country had and that is democracy. Democracy was given birth in your country but you have now killed it.'</i></div><a name='more'></a><br />
<div style="text-align: justify;">The message says that a government dictatorship is favouring bankers and the EU and making its citizens pay for their mistakes. It adds that Greek support of ACTA, which is limited to the government, is also a driver behind the hack.</div><div style="text-align: justify;"><i>'The people demonstrate against you but you do not want their voices to be heard. You deprive them from their right of freedom of expression and of their right to live. Your arbitrary actions must be punished,'</i> it adds.</div><div style="text-align: justify;"><i>'By signing the ACTA bill you are going to deprive your people from further freedom and you are pushing them one step towards oppression. You ignored our warnings and now WE ARE IN CHARGE!'</i></div>
<div style="text-align: justify;">The message is in English, but Greek text is also available. The in.gr report says that the three, aged 16, 17 and 18, belong to a hacking group called the Greek Hacking Scene (GHS) and have publicly stated their support for Anonymous. This is not the only Anonymous attack on Greece: on 13 February it carried out a number of other hacks in the country. A statement from the Greek police says that the accused have <i>'committed dozens of digital attacks'</i>.</div></div><br />
Anonymous - First World Cyber War - #MegaUpload<br />
Posted by cyber-guerre on 2012-02-13<br />
<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><br />
</div><br />
<div style="text-align: justify;"><iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/JXLU0cvTKvg" width="560"></iframe><br />
Citizens of the world,<br />
We are Anonymous.<br />
<br />
We have watched recent events as they slowly but surely unfolded, from the distortion and destruction of the First Amendment aimed at legalizing and justifying political corruption, to the dawn of a new political struggle made up of millions of citizens crying out their outrage at this hijacking of the justice system, and the very proposal of the so-called "Stop Online Piracy Act", SOPA, with no concern for morality. We have witnessed the recent actions of this "Corporation". The government has justified the shutdown of megaupload.com, a site that served, and continues to serve, as a very legitimate means of transferring information.</div><a name='more'></a><br />
Suffice it to say, "we are angry".<br />
<br />
These recent actions directly oppose the values we defend, as well as the values of the founding fathers of the United States government. Freedom of information must never be violated, and the government exists to serve the will of the people, not the will of the financial elite.<br />
<br />
They have already been warned of the technology at our disposal to defend our right of access to information. Legislative entities and government bodies that try to impose their law on what they do not own will be forced to understand that we are a sovereign entity beyond their control.<br />
<br />
We have therefore declared, as a collective, that the domain of cyberspace will be independent of the United States government and of all the tyrannical laws it seeks to impose on us.<br />
<br />
They claim that there are problems among us that need to be solved. They use this as an excuse to invade our territory.<br />
<br />
They are wrong.<br />
<br />
We are creating a world where anyone, anywhere, can express their beliefs, no matter how singular, without fear of reprisal or of being reduced to silence or conformity.<br />
<br />
Their legal concepts of property, expression, identity, movement and context do not apply to us. They are all based on matter, and that has no importance here. We are a sovereign nation, and we intend to remain one.<br />
<br />
Citizens of the global community, join us. Help us defend our home, the Internet.<br />
<br />
Operation Revenge, engaged.<br />
Operation Megaupload, engaged.<br />
Operation Blackout, engaged.<br />
<br />
We are Anonymous.<br />
We are Legion.<br />
We do not forgive.<br />
We do not forget.<br />
Expect us.<br />
The government of the United States should have expected us.</div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-69892294068323291172012-02-07T00:12:00.002+01:002012-02-07T00:15:47.501+01:00US Army Upgrade to Android 4.0<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkZH-LIXK6-_QkFCocRCrn-1j26lpqZjWQk7UwzsJYfGfxmm7iT-ghDl2ouuFl0RtBBuW8hg665uVRkda3qorv1aaCXcwQHayWCGaYX1Pdh-HuGnB4EdfTxyEkpse7qBCDaLgQ0Ecy8_lz/s1600/android-army-phones.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="285" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkZH-LIXK6-_QkFCocRCrn-1j26lpqZjWQk7UwzsJYfGfxmm7iT-ghDl2ouuFl0RtBBuW8hg665uVRkda3qorv1aaCXcwQHayWCGaYX1Pdh-HuGnB4EdfTxyEkpse7qBCDaLgQ0Ecy8_lz/s400/android-army-phones.jpg" width="400" /></a></div><div style="text-align: justify;">The United States, which had already forbidden its government workers from using smartphones to send any formal message, is about to change its mind: it is currently preparing a modified version of the Android OS with a greater emphasis on security. Many prototype smartphones and tablets were tested in the US and sent to soldiers overseas; soldiers will benefit from this new project first, and federal agents will come later. Soldiers may use their new smartphones to get location or weather forecast updates directly on the phone, but not to give their coordinates to the enemy: a weather forecast application retrieves coordinates from the smartphone to determine your location and return the right information, and this information can be intercepted. iOS is being discussed too, because the US wants many platforms to be supported by the new OS. To apply their changes to the original OS, researchers must obtain access from the owner, which is why they talked
to Google and Apple. Google freely allows developers to fiddle with its code; Apple refused to give the feds access to the core of its mobile operating system. Google was simply more cooperative. </div></div><div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/us-army-upgrade-to-android-40.html" layout="button_count" send="true" width="450"></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-57381665538843009682012-02-06T14:34:00.003+01:002012-02-06T14:39:36.668+01:00Anonymous published the Email sent by the FBI agent to plan the conference call that was recently leaked<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZVU0uqDyCpl0kBS0IcTQ-nBqXALY-Dv36Iaqg_2T700HhPsT5fYjGhSW8UJi5VVdxl384uiJWcU3C44ffpZCcFwbVQ_L8t70ITA6_OpQ4gBHXlnlFQuKsKu3G4PrqSa7fogZQZOxIn27o/s1600/161346-occupy-wall-street.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="341" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZVU0uqDyCpl0kBS0IcTQ-nBqXALY-Dv36Iaqg_2T700HhPsT5fYjGhSW8UJi5VVdxl384uiJWcU3C44ffpZCcFwbVQ_L8t70ITA6_OpQ4gBHXlnlFQuKsKu3G4PrqSa7fogZQZOxIn27o/s400/161346-occupy-wall-street.jpg" width="400" /></a></div><div style="text-align: justify;">Anonymous published the email sent by the FBI agent to plan the conference call that was recently leaked.</div><div style="text-align: justify;">The conversation covers the tracking of Anonymous and other splinter groups, dates of planned arrests and details of evidence held by police. Anonymous also published an email from the FBI, showing the email addresses of call participants. 
The FBI confirmed the intercept and said it was hunting those responsible.</div><div style="text-align: justify;">This is the body of the email:</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">"A conference call is planned for next Tuesday (January 17, 2012) to</div><div style="text-align: justify;">discuss the on-going investigations related to Anonymous, Lulzsec,</div><div style="text-align: justify;">Antisec, and other associated splinter groups. The conference call was</div><div style="text-align: justify;">moved to Tuesday due to a US holiday on Monday."</div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">continue reading <a href="https://docs.google.com/document/d/1FpgPBSBgw70I21tni5HOMnxN8jXjG4K8lo1cqL3R0Ds/edit" style="color: #660000;" target="_blank">here</a></div><div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/anonymous-published-email-sent-by-fbi.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-53750330773051092262012-02-05T15:20:00.002+01:002012-02-05T15:25:49.524+01:00Best Camouflage Uniforms In The World By An Indian Sniper<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqMBshme10kF6Esdsl13bWpi2PjkJ-YAZmKo66nOC3pIg2joiG6SHk-skDicMU91-2f1L7g55ms8UaKlCnln226d6kg-YkMwtJ-x2XQAB2QxvByudmJ-n4ItBZ2IkzxUxlLxFYzyNEPfaV/s1600/420400_222493431178777_128804100547711_441280_1092123624_n.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="424" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqMBshme10kF6Esdsl13bWpi2PjkJ-YAZmKo66nOC3pIg2joiG6SHk-skDicMU91-2f1L7g55ms8UaKlCnln226d6kg-YkMwtJ-x2XQAB2QxvByudmJ-n4ItBZ2IkzxUxlLxFYzyNEPfaV/s640/420400_222493431178777_128804100547711_441280_1092123624_n.jpg" width="640" /></a></div></div><div class="fb-like" href="http://cyberguerre.blogspot.com/2012/02/best-camouflage-uniforms-in-world-by.html" send="true" layout="button_count" width="450" faces="false"></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-44817121827692356772012-02-05T13:24:00.002+01:002012-02-07T19:16:37.319+01:00Origins of Global Hacks: America And China are Leader<div dir="ltr" style="text-align: left;" trbidi="on"><div class="sf_postContent" 
id="ctl00_mainContent_BlogPosts1_ctl00_ctl00_pnlContent" style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><a href="http://www.nccgroup.com/Libraries/Logos/Global_Hacking_Map.sflb.ashx" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://www.nccgroup.com/Libraries/Logos/Global_Hacking_Map.sflb.ashx" /></a></div><div style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><b><br />
</b></div> <b>Where do hackers come from? | Global tracking ranks hacks by country of origin</b><br />
<br />
Computer hacks originating in the UK cost the global economy over $2 billion in 2011 according to latest research from FTSE listed IT assurance company, NCC Group.<br />
The research, which tracks the country of origin of hacks, observed over 23 million hacks attempted in the UK in the second half of 2011. This figure places the UK at 15th in the global league table. <br />
<a name='more'></a><br />
The US and China are positioned 1st and 2nd, respectively. Together these two countries are responsible for nearly 40% of the world’s hack attempts, costing the global economy over $44 billion each year.<br />
Interestingly, five of the top 10 countries are located in Western Europe, with Italy, the Netherlands, France, Denmark and Germany accounting for nearly 200 million attempted hacks, costing the global economy an estimated $16 billion.<br />
Rob Cotton, NCC Group’s chief executive, comments: “Reading the papers each day, it’s easy to think of hacking as something that happens to us from afar; that we’re victims of foreign criminal gangs in developing countries. Yet hackers can be anywhere in the world, as our research illustrates, including on our own doorstep.<br />
“Fighting this global threat will only work with global collaboration. We hear lots about governments wanting to work together and there’s a strong financial motivation to find this long-suggested global solution but progress is painfully slow.<br />
“I’m certain that when we look at these figures again the number of hacks and the cost to the global economy will have increased. I’m less certain that progress will have been made in the global battle against these hackers.”<br />
<div><br />
</div><b> </b>The research is based on intrusion detection logs monitored by DShield, a cooperative network security community based in the US. Stats do not necessarily indicate successful access, just unauthorised attempts, and attacks can be routed through IP addresses in different countries.</div><div class="sf_postCategory"><br />
</div><div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/origins-of-global-hacks-america-and.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-505262560004564182012-02-04T17:59:00.004+01:002012-02-07T19:17:42.495+01:00Trojan found breaking Yahoo CAPTCHA security in minutes<div dir="ltr" style="text-align: left;" trbidi="on"><div id="insider_body"><div class="separator" style="clear: both; text-align: center;"><a href="http://www.deviantblonde.net/wordpress/wp-content/thumbnails/16.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="160" src="http://www.deviantblonde.net/wordpress/wp-content/thumbnails/16.jpg" width="400" /></a></div><div class="first" style="text-align: justify;">Researchers have discovered a malware engine that appears to be able to break the CAPTCHA security used by Yahoo's webmail service after only a handful of attempts. </div><div style="text-align: justify;"><br />
</div><div style="text-align: justify;">There is nothing new in malware that tries to break CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) - a low-level war has been ongoing since this type of security was first implemented almost a decade ago - but what matters is how quickly and invisibly this can be done. <br />
<a name='more'></a></div><div style="text-align: justify;">Websense has posted an online video showing the effectiveness of the engine it found working as part of the Cridex banking Trojan malware in breaking down Yahoo's CAPTCHA process. </div><div style="text-align: justify;">Cridex itself is a traditional if rather dangerous login harvester that targets online banks and social media sites from victim PCs, uploading stolen data to a command and control server. </div><div style="text-align: justify;">In that it resembles longer-established banking malware such as Zeus. But a key element of any malware is the way it tries to spread itself to new victims, and the Cridex system discovered by Websense does that by using infected PCs as proxies to create new webmail spamming accounts. </div><div style="text-align: justify;">The webmail element of Cridex first fills in the registration form using dummy data before sending snapshots of the Yahoo CAPTCHA screen to a remote cracking server, which attempts to decipher the text. </div><div style="text-align: justify;">If the returned CAPTCHA fails, the malware initiates the remote server to keep trying until it gets the correct answer. In the Websense test, the malware got the right answer after five failed attempts, a remarkably good success rate when taken over large numbers of infected machines. </div><div style="text-align: justify;">The innovation here is twofold. First, Cridex would appear to have a CAPTCHA-cracking engine that can break webmail security quickly, assuming the six-attempt demo is typical. Websense doesn't say, but the remote server will be running a tweaked version of the image and text processing optical character recognition (OCR) systems that are elsewhere used for legitimate purposes. 
</div><div style="text-align: justify;">A second and perhaps important advantage is that despite being cumbersome (the criminals need to move screen captures to and from a remote server) the CAPTCHA breaking is done using a legitimate PC in a trusted domain rather than from a criminal server that might be quickly blocked. </div><div style="text-align: justify;">Once the fake Yahoo account has been set up, the window in which it will be able to spam before being detected is probably very small, but that just makes it imperative that the malware generates fresh accounts as rapidly as possible. </div><div style="text-align: justify;">The ability of malware operators to break CAPTCHA systems quickly has been an area of research for some years, with a recent University of British Columbia study showing that Facebook could be fooled in 80 out of 100 attempts. </div><div style="text-align: justify;">A handful of companies have grown up around CAPTCHA security, which usually works by making the process more compute intensive for criminals. Examples of this include a system from NuCaptcha that incorporates video. The problem remains that while these systems undoubtedly deter anti-CAPTCHA servers, they also risk adding overhead for the webmail systems too. 
</div></div><div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/trojan-found-breaking-yahoo-captcha.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-57330091135483616082012-02-04T12:17:00.002+01:002012-02-07T19:18:06.978+01:00Google's 'Me on the Web' Tool Alerts You to Personal Data Leaks<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXgplFSi8II-2YJbBAQOBk24IIr3meE-wa_nnlCZz8SgRXXBc8M-gscgHRRPKvqGoZtCfHjYYw0zt7fpoOO1b0xqcf0NovqJZaBoWwNctwXWulp7CX86If7jzk8dfMuWYiKG0VkLTz0tY7/s1600/google_meontheweb.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="218" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhXgplFSi8II-2YJbBAQOBk24IIr3meE-wa_nnlCZz8SgRXXBc8M-gscgHRRPKvqGoZtCfHjYYw0zt7fpoOO1b0xqcf0NovqJZaBoWwNctwXWulp7CX86If7jzk8dfMuWYiKG0VkLTz0tY7/s400/google_meontheweb.jpg" width="400" /></a></div><div style="text-align: justify;">Google has launched Me on the Web, a new tool allowing anyone with a Google account to monitor what personal information about them appears online.</div><div style="text-align: justify;"></div><div style="text-align: justify;"><span class="image rtsm" id="test"></span>Me on the Web allows users to create e-mail alerts that will be sent as soon as the information is uncovered by Google's search bot. Alerts also can be sent daily or weekly.<br />
<a name='more'></a></div><div style="text-align: justify;"></div><div style="text-align: justify;">Alerts are sent whenever the user's name is mentioned, or when their e-mail address is made public. Alternatively, users can create their own alerts -- perhaps based on a phone number, for example, or home address.</div><div style="text-align: justify;"></div><div style="text-align: justify;">The new feature also makes it easier to access existing Google tools that help users remove personal information from the search engine. Google is also taking the opportunity to flag its advice about how to protect personal information online.</div><div style="text-align: justify;"></div><div style="text-align: justify;">Google says Me on the Web is designed to help users manage what others post about them online.</div><div style="text-align: justify;"></div><div style="text-align: justify;">"Your online identity is determined not only by what you post, but also by what others post about you -- whether a mention in a blog post, a photo tag or a reply to a public status update," a posting on Google's Public Policy blog says.</div><div style="text-align: justify;"></div><div style="text-align: justify;">Me on the Web is exactly the same as the existing Google Alerts service, which sends users e-mails whenever a specified search query is encountered by Google's bots. 
However, Me on the Web is part of the Google Dashboard, by which users configure their account, so it is more obvious and accessible.</div><div style="text-align: justify;"></div><div style="text-align: justify;">Although Google doesn't mention it, Me on the Web might be an attempt to combat online vigilantism, wherein a community attempts to expose individuals or hold them up to ridicule.</div><div style="text-align: justify;"></div><div style="text-align: justify;"><span class="image ltsm" id="test"></span>Recently, Gennette Cordova found private details of herself being posted online when she was innocently caught up in the scandal over Representative Anthony Weiner's photographs.</div><div style="text-align: justify;"></div><div style="text-align: justify;">Earlier this year, a user on the hugely popular social link site Reddit posted personal details about a suspected charity scammer in an attempt to unmask her. However, it turned out that both she and her cause were genuine. Following yet more vigilantism attempts, Reddit introduced a rule that automatically bans users who post personal details about others.</div><div style="text-align: justify;"></div><div style="text-align: justify;">However, other sectors of the Internet don't require a cause to deliberately post personal information about others. The LulzSec hacking group recently posted 26,000 e-mail addresses they claim to have reaped from pornographic websites, for example.</div><div style="text-align: justify;"></div><div style="text-align: justify;">Privacy is a politically hot topic, particularly in the mobile arena, with various senators proposing new laws to protect users. 
Facebook frequently runs into privacy issues, most recently with its photo tagging implementation.</div><div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/googles-me-on-web-tool-alerts-you-to.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com1tag:blogger.com,1999:blog-5368712313830241137.post-834142966492198692012-02-03T21:55:00.002+01:002012-02-05T14:59:46.455+01:00A Conference call between FBI And Scotland Yard leaked by Anonymous<div dir="ltr" style="text-align: left;" trbidi="on"><iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/pl3spwzUZfQ" width="560"></iframe><br />
<br />
Latest FBI leak: Anonymous publishes a conference call between FBI agents. <br />
<br />
You can download MP3 file <a href="http://www.mirrorcreator.com/files/1SL3XXIR/call.mp3_links">HERE</a></div><br />
<br />
<div class="fb-like" href="http://cyberguerre.blogspot.com/2012/02/fbi-conference-call-leaked-by-anonymous.html" send="true" layout="button_count" width="450" faces="false"></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-14793433749231776472012-02-03T17:04:00.002+01:002012-02-07T19:18:37.130+01:00DPI Deep Packet Inspection is it used against SOPA And PIPA Or To Apply Their decisions<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcGrgTefaiWt8I7oC1UfyudlJk9c_5SBeOib1i6uj2tl2UwbHdwI0xyC-9-QtmtC5DPQrnbAzL_NwDdcM8_nsPz7RcfFgi7_GE1OPsSTL2LaG5U5D4XwqfZWLQyeMcsIwJ5ur03A3CYHFb/s1600/youcanthide.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcGrgTefaiWt8I7oC1UfyudlJk9c_5SBeOib1i6uj2tl2UwbHdwI0xyC-9-QtmtC5DPQrnbAzL_NwDdcM8_nsPz7RcfFgi7_GE1OPsSTL2LaG5U5D4XwqfZWLQyeMcsIwJ5ur03A3CYHFb/s1600/youcanthide.png" /></a></div><div class="first" style="text-align: justify;">It's easy to turn a deaf ear to the controversy surrounding recent copyright protection bills like the Stop Online Piracy Act (SOPA) or the PROTECT IP Act, which threatened to curtail free speech on the Internet by allowing the U.S. Department of Justice to blacklist and block access to websites suspected of copyright infringement. Most of us don't visit websites suspected of illegally distributing copyrighted material, so blocking us from accessing them seems harmless. But should your ISP ever be legally obligated to prevent you from accessing restricted websites, it will have to find a way to monitor your online activity, and that could cause your privacy to be compromised if your ISP employs deep packet inspection tools to keep tabs on you. 
</div><div style="text-align: justify;">Deep packet inspection: an enabling technology<br />
<a name='more'></a></div><div style="text-align: justify;">To understand how deep packet inspection works and the potential threat it poses to your privacy, you need to know that your PC packages all the information you send and receive online into packets of data. Internet routers read the labels on those packets to determine what they are, who they're from, and where they're going; this is how most Internet traffic works, and it's how the firewall on your router distinguishes which packets of data make up that email message from your sister and which packets of data are from a spammer in Georgia. </div><div style="text-align: justify;">When your Internet service provider engages in deep packet inspection, it uses powerful software from vendors like Procera Networks to scan all of the data packets that pass through its network. The contents of each packet are scanned (and sometimes logged), and then blocked or routed to the appropriate destination. There are plenty of great reasons for your ISP to do this on your behalf: Deep packet inspection helps your ISP block the spread of computer viruses, identify illegal downloads, and prioritize the data transmitted by bandwidth-heavy applications like video chat and VoIP applications to alleviate network congestion and improve your service. Law enforcement officials (with a court order) can use these tools to lawfully intercept communications of suspected criminals. </div><div style="text-align: justify;">But deep packet inspection has a dark side, and in the absence of strict legal restrictions, your ISP is free to root through all the information you exchange online and use it as they see fit. Personal data like your age, location, and shopping records can be logged and sold in anonymized batches to advertising companies, and law enforcement agents can monitor and curtail your Internet access without your knowledge. 
Without strict limitations to preserve user privacy, this sort of deep data filtering can significantly impair your ability to remain anonymous online. </div><div style="text-align: justify;">This level of surveillance is nothing new; Internet service providers in China already employ deep packet inspection software to scan for sensitive keywords and block access to sites like YouTube. Chinese citizens often employ foreign VPN services to access websites blocked by the Chinese government, and you can do the same. "If you want to prevent this sort of inspection, you could use someone else's network," says Steven Andrés, founder and CTO of Special Ops Security. "I imagine if Congress [ever] enacts SOPA into law, a number of VPN services will crop up in other countries." </div><div style="text-align: justify;">The key thing to remember is that, even if your ISP or the government is monitoring your online activity, you can proactively protect your privacy by visiting only websites that offer an encrypted connection and establishing a secure connection to a VPN overseas to visit blocked websites. You can use a free tool like HTTPS Everywhere to ensure that SSL encryption is always enabled when available, or go one step further and sign up for a paid VPN service like WiTopia or HideMyNet to circumvent Internet censorship by your ISP or local government. You could even start using a service like XeroBank or the Tor Network to anonymize your online activities via a series of proxy servers. Or you could do nothing, and trust your ISP not to mishandle your private information. </div><div style="text-align: justify;">No matter what you choose, know that deep packet inspection software is cheap, sophisticated, and employed by governments and Internet service providers around the world. </div><br />
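<div style="text-align: justify;">The difference between the header-only view of an ordinary router and the payload view of a deep packet inspection box, and what an encrypted connection changes, as an added example that is not part of the original article. The packets, addresses, keyword watchlist and the stand-in "encryption" are constructed for illustration; the stand-in only imitates the opaque bytes of a TLS record and is not real TLS.</div>

```python
import hashlib
import socket
import struct


def build_packet(src, dst, sport, dport, payload):
    """Build a minimal IPv4 + TCP packet (constructed sample, checksums left at 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, socket.IPPROTO_TCP, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


def shallow_inspect(packet):
    """Header-only view: the 'labels' an ordinary router or firewall reads."""
    ihl = (packet[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "proto": packet[9],
        "sport": sport,
        "dport": dport,
        "total_len": total_len,
    }


def deep_inspect(packet, watchlist):
    """DPI view: the same labels plus whatever can be read out of the payload."""
    view = shallow_inspect(packet)
    ihl = (packet[0] & 0x0F) * 4
    tcp_hdr_len = (packet[ihl + 12] >> 4) * 4         # TCP data offset
    payload = packet[ihl + tcp_hdr_len:view["total_len"]]

    # A TLS record starts with a content type (20-23) and major version 3.
    view["looks_like_tls"] = (len(payload) >= 5
                              and 20 <= payload[0] <= 23
                              and payload[1] == 3)

    # Cleartext HTTP exposes the requested host name and the full request.
    view["http_host"] = None
    if payload.split(b" ", 1)[0] in (b"GET", b"POST", b"HEAD", b"PUT"):
        for line in payload.split(b"\r\n")[1:]:
            name, _, value = line.partition(b":")
            if name.strip().lower() == b"host":
                view["http_host"] = value.strip().decode("ascii", "replace")
                break

    # Keyword scanning only works on bytes the inspector can actually read.
    haystack = payload.lower()
    view["keyword_hits"] = [k for k in watchlist if k.lower().encode() in haystack]
    return view


def stand_in_encrypt(plaintext, key=b"constructed-demo-key"):
    """XOR with a SHA-256 keystream, wrapped in a TLS application-data record
    header. A stand-in for what TLS puts on the wire, NOT real TLS or safe crypto."""
    stream, counter = b"", 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return b"\x17\x03\x03" + struct.pack("!H", len(body)) + body


# Constructed sample traffic (documentation address ranges, made-up request).
REQUEST = (b"GET /search?q=example-keyword HTTP/1.1\r\n"
           b"Host: www.example.org\r\nUser-Agent: demo\r\n\r\n")
WATCHLIST = ["example-keyword", "another-term"]
PLAIN_PACKET = build_packet("198.51.100.7", "203.0.113.10", 49152, 80, REQUEST)
TLS_PACKET = build_packet("198.51.100.7", "203.0.113.10", 49153, 443,
                          stand_in_encrypt(REQUEST))

if __name__ == "__main__":
    for label, pkt in (("cleartext HTTP", PLAIN_PACKET), ("encrypted", TLS_PACKET)):
        print(label)
        print("  router sees:", shallow_inspect(pkt))
        print("  DPI sees:   ", deep_inspect(pkt, WATCHLIST))
```

<div style="text-align: justify;">Encryption hides the payload, not the addressing: the destination address and port are readable in both packets, which is why the article pairs HTTPS with a VPN or Tor.</div>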
<div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/dpi-deep-packet-inspection-is-it-used.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com1tag:blogger.com,1999:blog-5368712313830241137.post-37868694447942516552012-02-03T11:10:00.003+01:002012-02-05T15:00:41.939+01:00Facebook joins Honeynet Project to bring information security experts from around the world<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP8632d116oGP6JibpoGt3uKslZwCC2WKIJ7C-yhi2CeLo0Y1IOfF_vvemjNlLjWGsBJSqqrR1t2iJleUXQGlVSMbcTjO9JQqYCMhmhPDMordsRG8ITsz1CWR7VZ9ca2minuWYly9dXZFn/s1600/honeynet_sfbay_sticker_07-HIRES_border2.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP8632d116oGP6JibpoGt3uKslZwCC2WKIJ7C-yhi2CeLo0Y1IOfF_vvemjNlLjWGsBJSqqrR1t2iJleUXQGlVSMbcTjO9JQqYCMhmhPDMordsRG8ITsz1CWR7VZ9ca2minuWYly9dXZFn/s400/honeynet_sfbay_sticker_07-HIRES_border2.jpg" width="400" /></a></div><div style="text-align: justify;">The 2012 Honeynet Project Security Workshop brings together experts in the field of information security from around the world to share the latest advances and threats in information security research. Organized by The Honeynet Project and co-sponsored by Facebook, this two-day workshop features a rare, outstanding line-up of international security professionals who will present on the latest research tools and findings in the field. </div><div style="text-align: justify;">This year’s workshop will be held at Facebook's headquarters, SF Bay Area, CA, USA on 19-20 March 2012. The workshop includes one day of technical presentations and one day of hands-on tutorial training. 
Presentation topics cover the latest honeynet/honeypot technology, Android security and social network security from The Honeynet Project and Facebook. This year, we also offer several security training courses. </div>If you’re looking to attend a high-quality and challenging workshop and to learn practical security skills, then we encourage you to take advantage of this rare opportunity.<br />
<br />
<br />
http://www.honeynet.org/</div><div class="fb-like" href="http://cyberguerre.blogspot.com/2012/02/facebook-join-honeynet-project-brings.html" send="true" layout="button_count" width="450" faces="false"></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-70202013651563346772012-02-03T10:50:00.002+01:002012-02-07T19:19:35.241+01:00Disclosure of personal data of hundreds of Texas police officers<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTrc_JxlrBJQaObJxxLGPDhOD6h8nAPSO-F0-sKbEf6B8caCm8vZmT6pGydluHAJhzlg6gPeYLwD0axHXEfY2_06AsVyeGLlewMMz2hFqm34dhtsm-ikpmm82Z-NtD94bkvc6-zns2DUSz/s1600/4eab1d50a06f1.image.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="265" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTrc_JxlrBJQaObJxxLGPDhOD6h8nAPSO-F0-sKbEf6B8caCm8vZmT6pGydluHAJhzlg6gPeYLwD0axHXEfY2_06AsVyeGLlewMMz2hFqm34dhtsm-ikpmm82Z-NtD94bkvc6-zns2DUSz/s400/4eab1d50a06f1.image.jpg" width="400" /></a></div>DALLAS - The hacking group known as 'Anonymous' has published the names, addresses and police departments of more than 700 officers across the state, including dozens in North Texas, after stealing the data from the Texas Police Association's web site.<br />
<br />
<a name='more'></a><br />
<br />
The hacking is apparently in response to a story News 8 broke last week about a Wylie policeman put on administrative leave while he's investigated for child pornography.<br />
<br />
In a web site posting with the data on Wednesday night, 'Anonymous' said "administrative leave" should be reserved for "injured cops," not what hackers called a "kiddie porn collecting cop." The stolen information also included a link to the WFAA story about the Wylie officer.<br />
<br />
Hackers stole officers' names and addresses (many of them officers' homes), along with logins and passwords for the Texas Police Association.<br />
<br />
"This is very serious, not just from the standpoint of law enforcement, but for every private citizen out there as far as their privacy," said Erwin Ballarta, Executive Director of the Texas Police Association.<br />
<br />
"I wasn't surprised, because in the past, they've done similar acts with the Texas Police Chiefs web site," said David Henderson, a suburban policeman in North Texas and expert on cyber crime with CSG Analysis.<br />
<br />
He said leaking personal information on police could threaten their safety.<br />
<br />
"I think that [affected officers] should be more concerned today than they were two days ago," Henderson continued.<br />
<br />
The Texas Police Association told its member officers that the web site had been breached.<br />
<br />
Ballarta said his organization sent letters and he even made personal calls in some cases.<br />
<br />
This is the second time the Texas Police Association's web site has been hacked, Ballarta revealed, but the first time any personal information on officers was revealed.<br />
<br />
The FBI was notified, according to Ballarta.<br />
<br />
'Anonymous' has become notorious for cyber crime after hacking and attacking high-profile websites.<br />
<br />
source:www.wfaa.com<br />
<div class="fb-like" faces="false" href="http://cyberguerre.blogspot.com/2012/02/disclosure-of-personal-data-of-hundred.html" layout="button_count" send="true" width="450"></div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-23935140506096771172012-02-02T14:28:00.001+01:002012-02-05T15:01:29.155+01:00France: Reappearance of Carberp - Malware targeting the internet provider FREE<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGKiuiD1-FMFKTwC8oAIQIlZ_kzIzNyQ5EOyjVKCW_zfdevpMrRV1R8H7OhU3Vhc23HTHalBfUrpjmxCaCxAsGnHrC0TBlkfeMEnO0MgVmg5UL6sAcooWzutMXEjottEMR_dSguFmK6Woe/s1600/Malware-financial.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGKiuiD1-FMFKTwC8oAIQIlZ_kzIzNyQ5EOyjVKCW_zfdevpMrRV1R8H7OhU3Vhc23HTHalBfUrpjmxCaCxAsGnHrC0TBlkfeMEnO0MgVmg5UL6sAcooWzutMXEjottEMR_dSguFmK6Woe/s400/Malware-financial.jpg" width="400" /></a></div><div style="text-align: justify;"><strong style="font-weight: normal;">Malicious code is making its way to Free customers in order to siphon off their banking data. </strong>Last year, Carberp appeared on the online banking fraud scene, taking over from the Zeus and SpyEye malware. As <em><a href="http://www.datasecuritybreach.fr/" target="_blank">Data Security Breach</a></em> explains, the company Trusteer recently discovered a new version of Carberp targeting the Internet service provider Free. 
The malware is designed to steal subscribers' banking information using a "Man in the Browser" (MitB) attack, that is, an infection of the web browser that makes it possible, among other things, to modify web pages.<br />
<br />
</div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-70628389770981363582012-02-02T14:15:00.002+01:002012-02-05T15:02:03.493+01:00La Banque Postale: Hacking Attempt<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjE0iKDD7K3yvR98VZo7GkOCzmVtQYdll-Pr3OX_nEkhHIzWV-vMopj-mY1LbFP4I38a_zfahZ2MjZiGPUW5Rr5dr3XpiNinyyx5-qtBEqF8fGtQZmUan5kE5t6leOg9he9g6VjCDMzqpi/s1600/banque+de+la+paoste.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjE0iKDD7K3yvR98VZo7GkOCzmVtQYdll-Pr3OX_nEkhHIzWV-vMopj-mY1LbFP4I38a_zfahZ2MjZiGPUW5Rr5dr3XpiNinyyx5-qtBEqF8fGtQZmUan5kE5t6leOg9he9g6VjCDMzqpi/s1600/banque+de+la+paoste.jpg" /></a></div><div style="text-align: justify;">A new attempt to steal the banking data of La Banque Postale customers. The trap is not new, but it has an annoying tendency to improve. ZATAZ.COM has detected several new attempts to phish banking data belonging to customers of La Banque Postale. This phishing starts with an e-mail in the colours of La Poste's banking subsidiary. The e-mail carries a logo and content that can trap the reader: "We recently determined that different computers connected to your account, Password and multiple failures were present before the login." The scammer's goal is to get the reader of the spoofed message to click on the link provided. In the cases detected by ZATAZ.COM, the sites elmaleka.tv and 196.206.0.126 were used in this scam. 
These URLs direct the surfer to pages posing as a personal administration area of La Banque Postale.<br />
<br />
Source: ZATAZ.COM</div></div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-6480427520030024172012-02-01T20:07:00.002+01:002012-02-07T19:21:25.808+01:00TOP 10 list of the most destructive viruses ever.<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGnAAv1LOTsaQwrs4Z0AsydwVq61yu8x-NbChi9K8wi6t85os5T9yQ1IWm7isTwL0_ZU12-xfLw_qPOTWqyKLarigVrdDv2s-pCxpiT79qZFJf3XndnblEFm8k3aQ774yHpVqvYdWz1EZe/s1600/20virus3.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGnAAv1LOTsaQwrs4Z0AsydwVq61yu8x-NbChi9K8wi6t85os5T9yQ1IWm7isTwL0_ZU12-xfLw_qPOTWqyKLarigVrdDv2s-pCxpiT79qZFJf3XndnblEFm8k3aQ774yHpVqvYdWz1EZe/s1600/20virus3.jpg" /></a></div>Viruses have been wreaking havoc on computers since 1986, when the first virus, known as BRAIN, showed up on the scene. Brain is considered to be the first virus found on PCs; it infected MS-DOS. Over the past 24 years there have been over 65,000 viruses created. Today we highlight our selected TOP 10 list of the most destructive viruses ever.<br />
<br />
<b>Counting down.</b><br />
<h3 style="color: black;"><span style="background-color: yellow;"><b>#10</b> Sircam</span></h3>Sircam was notable during its outbreak for the way it distributed itself. Document files (usually .doc or .xls) on the infected computer were chosen at random, infected with the virus and emailed out to email addresses in the host’s address book. Opening the infected file resulted in infection of the target computer. <br />
<a name='more'></a>During the outbreak, many personal or private files were emailed to people who otherwise should not have got them.<br />
It also spread via open shares on a network. Sircam would scan the network for computers with shared drives and copy itself to a machine with an open (non-password protected) drive or directory. A simple RPC (Remote Procedure Call) was then executed to start the process on the target machine, usually unknown to the owner of the now-compromised computer.<br />
Over a year later, Sircam was still in the top 10 virus charts.<br />
<h3><span style="background-color: yellow;"><b>#9</b> Code Red</span></h3>The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh. The worm was named the .ida “Code Red” worm because Code Red Mountain Dew was what they were drinking at the time, and because of the phrase “Hacked by Chinese!” with which the worm defaced websites.<br />
Although the worm had been released on July 13, the largest group of infected computers was seen on July 19, 2001. On this day, the number of infected hosts reached 359,000. The worm defaced websites by inserting its payload, which said <i>“HELLO! Welcome to http://www.worm.com! Hacked By Chinese!”</i><br />
<h3><span style="background-color: yellow;"><b>#8</b> SQL Slammer</span></h3><b>SQL Slammer</b> is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic, starting at 05:30 UTC on January 25, 2003. It spread rapidly, infecting most of its 75,000 victims within ten minutes. So named by Christopher J. Rouland, the CTO of ISS, Slammer was first brought to the attention of the public by Michael Bacarella. Although titled “SQL slammer worm”, the program did not use the SQL language; it exploited a buffer overflow bug in Microsoft’s flagship SQL Server and Desktop Engine database products, for which a patch had been released six months earlier in MS02-039. Other names include W32.SQLExp.Worm, DDOS.SQLP1434.A, the Sapphire Worm, SQL_HEL, W32/SQLSlammer and Helkern.<br />
<h3><span style="background-color: yellow;"><b>#7</b> Nimda (also known as the Concept Virus)</span></h3>Nimda (also known as the Concept Virus) appeared in September 2001, attacking tens of thousands of servers and hundreds of thousands of PCs. The worm modified Web documents and executable files, then created numerous copies of itself. The worm spread as an embedded attachment in an HTML e-mail message that would execute as soon as the recipient opened the message (unlike the typical attached virus that requires manual launching of the attachment). It also moved via server-to-server Web traffic, infected shared hard drives on networks, and downloaded itself to users browsing Web pages hosted on infected servers. Nimda soon inspired a crowd of imitators that followed the same pattern. Visit Symantec’s Security Response for the Nimda removal tool.<br />
<h3><span style="background-color: yellow;"><b>#6</b> The Anna Kournikova (or VBS.SST@mm) worm</span></h3>The Anna Kournikova virus–also called VBS_KALAMAR, VBS/SST and VBS/OnTheFly–spread worldwide Monday. The Anna virus poses as a photo of 19-year-old Russian tennis player Anna Kournikova attached to an e-mail. The attachment appears as AnnaKournikova.jpg.vbs or as an abbreviated version of that name. The virus uses Visual Basic to infect Windows systems and then, on systems with Microsoft Outlook, mails itself out to the entire address book. The virus does not affect MacOS, Linux or Unix systems. The virus’ ability to mail itself out to a large number of Internet users classifies it as a worm.<br />
Experts claimed that the virus spread nearly as widely as the Melissa virus <i>(see #3)</i> that hit the Net almost two years ago. The Computer Emergency Response Team (CERT) Coordination Center at Carnegie Mellon University said that more than 100 sites reported encountering the virus on Monday.<br />
<h3><span style="background-color: yellow;"><b>#5</b> SoBig Virus</span></h3>In 2003 significant problems occurred as a result of the SoBig virus, which had several variations. SoBig spread through infected e-mail message attachments and unprotected shared folders on computer networks. This virus modified a computer’s operating system so that the worm code ran whenever Windows booted. The latest strain, called SoBig.F, arrived in August 2003 and produced more than 1 million copies within its first 24 hours of life on the Internet.<br />
America Online scanned more than 40 million e-mail messages per day in the weeks after that worm hit and found 60 percent to be infected with the virus. After generating more than <b>$2 billion in damages</b> in the United States alone, the SoBig virus will end the year in the number-one spot in annual virus rankings.<br />
<h3><span style="background-color: yellow;"><b>#4</b> Magistr</span></h3>Magistr is one of the most complex viruses to hit the Internet. Its victims, users of Outlook Express, were hooked by an infected e-mail attachment. The virus, discovered in mid-March 2001, sent garbled messages to everyone in the infected user’s e-mail address book. Attached were files pulled at random from the infected PC’s hard drive plus an executable file with the Magistr code. This virus was not as widespread as many others, but it was very destructive. Magistr overwrites hard drives and erases CMOS and the flashable BIOS, preventing systems from booting. It also contained antidebugging features, making it hard to detect and destroy. Visit Symantec’s Security Response for instructions on how to remove Magistr.<br />
<h3><span style="background-color: yellow;"><b>#3</b> The Melissa Virus</span></h3>The Melissa virus hit the Internet in March 1999. Like most viruses, it was sent as an e-mail attachment and was only activated once the recipient opened the attachment. The virus was designed to take advantage of vulnerabilities in macros — short computer scripts — used by Microsoft’s (Nasdaq: MSFT) main word-processing application, Word.<br />
“What made Melissa powerful was its ability to replicate itself,” Vincent Weafer, senior director at security vendor Symantec (Nasdaq: SYMC), told TechNewsWorld. After examining the contents in a person’s e-mail address book, the virus would send itself out to all of those listed.<br />
The virus was unleashed on a Friday afternoon and quickly spread around the Internet that weekend. Eventually, 15 to 20 percent of U.S. businesses were impacted, leading to hundreds of millions of dollars in damages as a result of lost productivity, computer downtime and additional IT expenses.<br />
Melissa’s designer, David Smith, was eventually sentenced to 20 months in prison after being charged with interruption of public communications, conspiracy to interrupt public communications, theft of computer services and damage or wrongful access to computer services.<br />
<h3><span style="background-color: yellow;"><b>#2</b> The Klez worm</span></h3>The Klez worm, which blends different virus traits, was first detected in October 2001. Klez distributes itself like a virus, but sometimes acts like a worm, other times like a Trojan horse. Klez isn’t as destructive as other worms, but it is widespread, hard to exterminate–and still active. In fact, so far, no other virus has stayed in circulation quite like Klez. It spreads via open networks and e-mail–regardless of the e-mail program you use. Klez sometimes masquerades as a worm-removal tool. It may corrupt files and disable antivirus products. It pilfers data from a victim’s e-mail address book, mixing and matching new senders and recipients for a new round of infection. Visit Symantec’s Security Response for instructions on how to remove Klez.<br />
<h3><span style="background-color: yellow;"><b>#1</b> ILoveYou Worm</span></h3>This worm showed up in May 2000 and is reported to be the most costly worm to businesses ever. It attacked literally tens of millions of Windows computers with spam email that contained the words “ILOVEYOU” in the subject line. The worm came with a .VBS attachment that was hidden and disguised as a simple text file. Upon opening, the worm would send a copy of itself to everyone in the Windows address book and also make some malicious system changes to the user's computer. The worm originated in the Philippines on May 4 and spread across the world in one day. It is estimated to have caused about <b>$5.5 billion</b> in damage to businesses. Within nine days of its launch over <b>50 million infections</b> were reported. The cost of damage was primarily associated with the labor it took to remove the worm. Both the Pentagon and the CIA had to shut down their mail systems in order to deal with the worm, as did many large businesses. <a href="http://www.youtube.com/watch?v=9BtxDdq5dwc" target="_blank" title="iloveyouworm on youtube">Watch the ILOVEYOU worm in action (YouTube).</a><br />
</div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com2tag:blogger.com,1999:blog-5368712313830241137.post-80641013005501431812012-02-01T19:15:00.004+01:002012-02-05T15:03:06.878+01:00The manufacturing secrets of the iPad<div dir="ltr" style="text-align: left;" trbidi="on"><iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/-5SY10Kv24k" width="560"></iframe><br />
The secrets behind the manufacturing of Apple's famous tablet. A strong commercial strategy, and not only technical innovation, is behind Apple's success. </div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com0tag:blogger.com,1999:blog-5368712313830241137.post-45432122810315370652012-02-01T17:53:00.004+01:002012-02-07T19:22:21.714+01:00Nuclear Reactor worm infection - Davis-Besse<div dir="ltr" style="text-align: left;" trbidi="on"><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrs9JESXgVZegVq2V0A0bAAkRCGgQ6vTKbj6zf-GaUb4XZTrEcrV-EwWj0E_C11Dnrsy2g1bbvhHxlIiwFej4yNVLqtyUC_VQB7reKmlVsYVibLwec45abalb2K3fShFmjK3Mpb_ud6qnA/s1600/worm.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrs9JESXgVZegVq2V0A0bAAkRCGgQ6vTKbj6zf-GaUb4XZTrEcrV-EwWj0E_C11Dnrsy2g1bbvhHxlIiwFej4yNVLqtyUC_VQB7reKmlVsYVibLwec45abalb2K3fShFmjK3Mpb_ud6qnA/s400/worm.jpg" width="400" /></a></div>On January 25, 2003, at 12:30 AM Eastern Standard Time, the Slammer worm began exploiting a<br />
vulnerability in Microsoft SQL Server. Within ten minutes, it had infected 75,000 servers<br />
worldwide—90% of vulnerable hosts. The design of Slammer was simple; it did not write itself to<br />
the hard drive, delete files, or obtain system control for its author. Instead, it settled in system<br />
memory and searched for other hosts to infect. Removing the worm was as simple as rebooting the<br />
server after closing network port 1434, Slammer's point of entry.<br />
<a name='more'></a> Installing a patch Microsoft had<br />
released six months earlier would eliminate the vulnerability Slammer exploited and prevent another<br />
infection.<br />
Although Slammer carried no malicious payload, it still caused considerable disruption. It searched<br />
for new hosts by scanning random IP addresses. This generated a huge volume of spurious traffic,<br />
consuming bandwidth and clogging networks. Slammer’s random IP scans disabled data-entry<br />
terminals at a 911 call center in Bellevue, Washington (population 680,000), shut down 13,000 Bank
of America ATMs, and forced Continental Airlines to cancel several flights when their online ticketing system and kiosks could not process orders. South Korea suffered a nationwide internet<br />
outage lasting half a day.<br />
The Slammer worm also infected computer systems at the Davis-Besse nuclear power plant near<br />
Oak Harbor, Ohio. The worm traveled from a consultant's network, to the corporate network of<br />
First Energy Nuclear, the licensee for Davis-Besse, then to the process control network for the<br />
plant. The traffic generated by the worm clogged the corporate and control networks. For four<br />
hours and fifty minutes, plant personnel could not access the Safety Parameter Display System<br />
(SPDS), which shows sensitive data about the reactor core collected from coolant systems,<br />
temperature sensors, and radiation detectors—these components would be the first to indicate<br />
meltdown conditions. Power plants are required to notify the NRC if an SPDS outage lasts longer<br />
than eight hours.<br />
The reactor at Davis-Besse had been offline for nearly a year before its Slammer infection due to the<br />
discovery of a hole in the reactor head. Although Slammer's scanning traffic did block sensors<br />
from providing digital readouts to control systems, it did not affect analog readouts on the<br />
equipment itself; plant technicians could still get reliable data from sensors by physically walking up<br />
to them and looking at them, though this process is slower than retrieving data over a network.<br />
Davis-Besse had a firewall protecting its corporate network from the wider internet, and its<br />
configuration would have prevented a Slammer infection. However, a consultant had created a<br />
connection behind the firewall to the consultancy's office network. This allowed Slammer to bypass<br />
the firewall and infect First Energy's corporate network. From there, it faced no obstacle on its way<br />
to the plant control network. In response, First Energy set up a firewall between the corporate<br />
network and the plant control network.<br />
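The segmentation failure described above can be checked mechanically. The following Python sketch is an added example, not part of the original post: it models the zones named in the post as a graph and lists every path that UDP port 1434 traffic can take to the control network. The zone names, the allow-lists and the assumption that the consultancy's network was directly exposed to the internet are constructed for illustration.

```python
from typing import Dict, FrozenSet, List, Optional, Tuple

Flow = Tuple[str, int]                  # (protocol, destination port)
Policy = Optional[FrozenSet[Flow]]      # None = unfiltered link, else an allow-list
Links = Dict[Tuple[str, str], Policy]

SLAMMER: Flow = ("udp", 1434)           # the port named in the post

def build_links(consultant_link: bool, control_firewall: bool) -> Links:
    """Constructed model of the zones in the post; the allow-lists are assumptions."""
    web_only = frozenset({("tcp", 80), ("tcp", 443)})
    links: Links = {
        ("internet", "corporate"): web_only,   # perimeter firewall
        ("internet", "consultant"): None,      # assumed: consultancy office exposed
        ("corporate", "control"):
            frozenset({("tcp", 443)}) if control_firewall else None,
    }
    if consultant_link:
        links[("consultant", "corporate")] = None  # connection behind the firewall
    return links

def permits(policy: Policy, flow: Flow) -> bool:
    return policy is None or flow in policy

def find_paths(links: Links, src: str, dst: str, flow: Flow) -> List[List[str]]:
    """All loop-free zone paths from src to dst on which every link passes flow."""
    found: List[List[str]] = []
    stack = [[src]]
    while stack:
        path = stack.pop()
        if path[-1] == dst:
            found.append(path)
            continue
        for (a, b), policy in links.items():
            if a == path[-1] and b not in path and permits(policy, flow):
                stack.append(path + [b])
    return found

def choke_links(paths: List[List[str]]) -> List[Tuple[str, str]]:
    """Links present on every path: filtering any one of them cuts all paths."""
    if not paths:
        return []
    hops = [set(zip(p, p[1:])) for p in paths]
    return sorted(set.intersection(*hops))

def report() -> Dict[str, List[List[str]]]:
    cases = {
        "as described (side link, flat interior)": build_links(True, False),
        "after corporate/control firewall": build_links(True, True),
        "without the consultant link": build_links(False, False),
    }
    return {name: find_paths(links, "internet", "control", SLAMMER)
            for name, links in cases.items()}

if __name__ == "__main__":
    for name, paths in report().items():
        print(f"{name}: {paths or 'no path for udp/1434'}")
```

With the firewall between corporate and control in place, the corporate network is still reachable over the consultant link, which is why both the side link and the interior boundary appear as choke points in the first case.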
The Davis-Besse incident highlighted the fact that most nuclear power plants, by retrofitting their<br />
SCADA systems for remote monitoring from their corporate network, had unknowingly connected<br />
their control networks to the internet. At the time, the NRC did not permit remote operation of<br />
plant functions. That policy would change by 2008.<br />
</div>cyber-guerrehttp://www.blogger.com/profile/03130525031736605100noreply@blogger.com1