Showing posts sorted by relevance for query eavesdropping.

Chinese Hackers Eavesdropping European Diplomats Before G20 Summit

Researchers at FireEye Found Chinese Hackers Snooping on Europeans Before G20 Summit
Stories of cyber espionage by Chinese hackers regularly make headlines. Yet another case of eavesdropping by Chinese hackers is now in the spotlight: the renowned California-based computer security firm FireEye Inc, which sells virus-fighting technology to companies, has found that a group of Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis. According to the detailed analysis, the hackers infiltrated the ministries' computer networks by sending staff emails containing tainted files with titles such as "US_military_options_in_Syria." When the targeted recipients opened those documents, they loaded malicious code onto their personal computers. FireEye researchers said they were able to monitor the "inner workings" of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems for about a week in late August. They lost access to the hackers after the group moved to another server shortly before the G20 Summit in St. Petersburg, Russia.
The company declined to publicly identify the nations whose ministries were hacked, although it said they were all members of the European Union. FireEye informed the FBI about the issue in detail. FireEye also confirmed that the hackers were from China, but it did not find evidence linking them to the Chinese government. As before, the Chinese government has distanced itself from any claim that it might have hacked foreign governments for data. FireEye also monitors several dozen hacking groups operating in China, most of which it suspects of having ties to the government. The firm also suspects the hacking groups of stealing intellectual property for commercial gain. The researchers had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group "Ke3chang," after the name of one of the files it uses in one of its pieces of malicious software. "The theme of the attacks was U.S. military intervention in Syria," said FireEye researcher Nart Villeneuve.
In response, Chinese Foreign Ministry spokesman Hong Lei said: "U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible."
While on the subject of Chinese eavesdropping, I also want to recall some recent history. We have all become used to seeing European countries and the U.S. blame China for cyber attacks, and China accusing the U.S. in turn. If you look at the major cyber attacks of this year, you will find that China's name has come up several times in connection with attacks against high-profile websites and organizations in the U.S., including New York Times, Twitter, NBC and so on. And if we refresh our memory, we find that large cyber attacks and espionage by Chinese hackers have been spotted several times. In 2012 Chinese hackers breached Telvent's corporate network & gained control of US Power Grid. Also in the middle of last year, Chinese hackers broke into the Indian Navy's computer system & stole sensitive data. A few months before this hack, Tokyo-based computer security firm Trend Micro confirmed that Chinese hackers were responsible for the biggest cyber-espionage in India, Japan & Tibet. The director of the National Security Agency (NSA), General Keith Alexander, also confirmed that hackers from China were responsible for the serious attack on RSA, one of the leading IT security & cyber security companies. Also in 2011 China was behind the attacks on US Chamber of Commerce, Satellite System of U.S., Nortel Network & so on. But a few days ago the National Computer Network Emergency Response Coordination Center of China (CNCERT/CC), China's primary computer security monitoring network, claimed that China had fallen victim to one of the biggest cyber attacks, originating from the US, Japan & South Korea. We have to say that this statement is truly irrelevant.
Cyber crime investigators have found that China was directly responsible for the hacks into Japan's biggest defense contractor Mitsubishi, the Japan Aerospace Exploration Agency (JAXA) & the Parliament of Japan. In the case of South Korea, the data of more than 13 million MapleStory players was stolen, and there too hackers from China were responsible.

Before I conclude, I ask you to look closely at the stories mentioned above; you will find China largely responsible for eavesdropping & security breaches. At the same time, China has also been affected in the same way. So in conclusion, we can't put a full stop to this chain of cyber attacks, hacking, and eavesdropping, as it comes from both ends. This episode will continue as it has. If you want to stay updated, don't forget to stay tuned with VOGH.




Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA

Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA & Other Govt Agencies 
Last month an untold and sensational story came to light when whistleblower Edward Snowden unveiled one of the NSA's top-secret programs, called “Muscular.” Former NSA contractor Snowden disclosed that the National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world in order to collect and snoop on the private data of millions of internet users. The NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records, including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. Both Yahoo & Google said that they had never given any government agency access to their data centers. A Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.” Google’s chief legal officer, David Drummond, said, “We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”

But the fact of the matter is that the NSA has indeed sniffed the personal & private communications of millions of internet users of tech giants like Yahoo and Google. To guard against this kind of privacy breach, the tech giants, which hold the personal records and credentials of the masses, are now tightening and enhancing their existing security systems. According to Marissa Mayer, CEO of Yahoo, "We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it." Yahoo also says it will encrypt all information moving between its data centers by the end of the first quarter, and it will work on getting international partners to enable HTTPS encryption in Yahoo-branded Mail services. Yahoo says it will give users an option to encrypt all data flow to and from Yahoo. "Yahoo has never given access to our data centers to the NSA or to any other government agency ever. There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014," added Marissa Mayer.

Not only Yahoo but also the social networking giant Twitter, which has almost 550 million registered users and 250 million active users across the globe, has taken immediate steps after this story of spying by the NSA came into the spotlight. Twitter is implementing new security measures that should make it much more difficult for anyone to eavesdrop on communications between its servers and users. The measures are intended to tighten the data privacy of its users. According to a Twitter blog post, the company has implemented "perfect forward secrecy" on its Web and mobile platforms, which makes eavesdropping almost impossible. "As part of our continuing effort to keep our users’ information as secure as possible, we’re happy to announce that we recently enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic," said the blog post.

While on the subject of the NSA's Muscular program, we would also like to remind you that a couple of weeks ago we learned about 'Royal Concierge,' another secret program of GCHQ & NSA to spy on foreign diplomats through hotel bookings, uncovered by Edward Snowden.

-Source (CIO & PC World) 



Android handsets 'leak' personal data


More than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
The data being leaked is typically used to get at web-based services such as Google Calendar.
The discovery was made by German security researchers looking at how Android phones handle identification information.
Google has yet to comment on the loophole uncovered by the researchers.
ID attack

University of Ulm researchers Bastian Konings, Jens Nickels, and Florian Schaub made their discovery while watching how Android phones handle login credentials for web-based services.
Many applications installed on Android phones interact with Google services by asking for an authentication token - essentially a digital ID card for that app. Once issued the token removes the need to keep logging in to a service for a given length of time.
Sometimes, found the researchers, these tokens are sent in plain text over wireless networks. This makes the tokens easy to spot so criminals eavesdropping on the wi-fi traffic would be able to find and steal them, suggest the researchers.
Armed with the token, criminals would be able to pose as a particular user and get at their personal information.
Even worse, found the researchers, tokens are not bound to particular phones or time of use so they can be used to impersonate a handset almost anywhere.
"[T]he adversary can gain full access to the calendar, contacts information, or private web albums of the respective Google user," the researchers wrote in a blog post explaining their findings.
Abuse of the loophole might mean some people lose data but other changes may be harder to spot.
"...an adversary could change the stored e-mail address of the victim's boss or business partners hoping to receive sensitive or confidential material pertaining to their business," the team speculated.
There is no suggestion that attackers are exploiting the Android loophole at the moment.
Almost all versions of the Android operating system were passing round unencrypted authentication tokens, found the researchers. It was fixed in version 2.3.4 but, suggest Google figures, only 0.3% of Android phones are running this software.
Some Google services, such as image sharing site Picasa, are still using unencrypted authentication tokens that can be stolen, found the team.
The researchers urged Android phone owners to update their device to avoid falling victim to attacks via the loophole. Google is also known to be working with operators and handset makers to get updates to people faster than at present.


Director of National Security Agency Will Join DEFCON 20 Hacking Conference


Great news for hackers and security professionals: those attending the much-awaited, world's largest annual hacking party, "DEFCON 20," in Las Vegas next week will have a rare chance to rub shoulders with the head of the U.S. National Security Agency. The Defcon 20 official page says that the director of the spy agency, General Keith Alexander, will speak at the Defcon conference, marking the highest-level visit to date by a U.S. government official to the colorful gathering.
Defcon founder and renowned hacker Jeff Moss, who is known as the Dark Tangent, said, "We're going to show him the conference. He wants to wander around". Still, Moss said he expects there could be some controversy over Alexander's presence among the diverse hacker crowd that attends the conference. The NSA plays both offense and defense in the cyber wars. It conducts electronic eavesdropping on adversaries, in addition to protecting U.S. computer networks.
"I expect some people will say 'You are a sellout for having someone from the NSA speak,'" Moss added.
He said he's spent a decade trying to get the head of the NSA to speak at Defcon, but he never imagined it would actually happen: "To me this is really validating of the whole culture."
Defcon offers a side conference for children, Defcon Kids, which Alexander will likely visit. It also trains hackers to pick locks and has an annual contest to measure who is best at persuading corporate workers to release sensitive data over the phone. Moss said he invited federal agents to the first Defcon conference, but that they politely declined. They showed up anyway, incognito. They kept coming, in bigger numbers, sometimes in uniform. "We created an environment where the feds felt they could come and it wasn't hostile," Moss said. "We could ask them questions and they wanted to ask the hackers about new techniques."


-Source (Huffington Post)






'Royal Concierge' Secret Program of GCHQ to Spy Foreign Diplomats Through Hotel Bookings Unveiled By Edward Snowden

'Royal Concierge' Secret Program of GCHQ to Spy Foreign Diplomats By Hotel Bookings Unveiled By Edward Snowden

Edward Snowden, the American whistleblower who is currently living in Russia under temporary asylum and is considered a fugitive by American authorities, who have charged him with espionage and theft of government property, has yet again uncovered what has been called sensational information. This time he revealed a top-secret program of Britain's GCHQ intelligence agency & the US National Security Agency (NSA), in which they infiltrated the reservation systems of around 350 luxury hotels popular among diplomats and government officials with the help of a sophisticated program code-named "Royal Concierge." Royal Concierge is designed to keep tabs on foreign diplomats by monitoring their hotel bookings. This can include monitoring a hotel room and its guest by wiretapping the telephone and fax machine, gaining access to computers hooked up to the hotel network, or eavesdropping on the diplomat in the hotel bar. This surveillance program uses a logo with a penguin -- meant to stand for the black and white uniforms worn by staff at top hotels -- wearing a crown, a purple cape and holding a wand. The top-secret program automatically checked whether the e-mail address of a visitor on the hotel booking system matched the address of his government, and with this information GCHQ could take the necessary steps to bug the hotel room concerned, tap its telephones or eavesdrop on the electronic data transfer, the news weekly said. Snowden said GCHQ has been using the search and analysis program for more than three years to track diplomats and government officials among hotel guests.

The above information first appeared in the German magazine 'Der Spiegel' on Sunday. The leaks were provided by former US intelligence contractor Edward Snowden. After this information came to light, the press put questions to GCHQ; in response a GCHQ official said, "We are not going to comment on this report". The Der Spiegel reporter's entire conversation with GCHQ officials ended with GCHQ saying it "neither confirms nor denies the allegation". On the other hand, Britain's top spy chiefs reacted angrily to leaks by Snowden, a fugitive former analyst for the US National Security Agency, in an appearance this month before a parliamentary committee. Denying Britons were under mass surveillance, the heads of the foreign spy agency MI6, the domestic intelligence service MI5 and GCHQ warned that al-Qaeda and other enemies were "lapping up" intelligence revelations by Snowden and using them to change the way they operate.


-Source (AFP, News 24)






The Washington Post Server Breached! Chinese Hackers Apprehend For This Cyber Attack

The Washington Post Server Hacked! Suspected That Chinese Hackers Are Behind This Cyber Attack 
Last week the story of Chinese eavesdropping on European ministries and diplomats at the G20 summit drew the attention of the entire cyber world and made headlines. Yet another issue has now come to the fore in which China is again held responsible for a security breach, this one affecting The Washington Post, the most widely circulated newspaper published in Washington, D.C. Sources revealed that hackers broke into The Washington Post’s servers and gained access to employee user names and passwords. Mandiant, a cyber security contractor that monitors The Washington Post’s networks, said the intrusion was of relatively short duration. The extent of the loss of company data was not immediately clear. It is some relief that the company passwords are stored in encrypted form, although hackers in some cases have shown the ability to decode such information. To avoid any further mishap, The Washington Post plans to ask all employees to change their user names and passwords on the assumption that many or all of them may have been compromised. Officials at The Washington Post said that they saw no evidence that subscriber information, such as credit cards or home addresses, was accessed by the hackers. Nor was there any sign that the hackers had gained access to The Post’s publishing system, e-mails or sensitive personal information of employees, such as their Social Security numbers. Post officials found that this hack is more recent than the 2011 one. They also said it began with an intrusion into a server used by The Post’s foreign staff but eventually spread to other company servers before being discovered. “This is an ongoing investigation, but we believe it was a few days at most,” said Post spokeswoman Kris Coratti.
China has not only targeted The Washington Post. If you look at the major cyber attacks of this year, you will find that China's name has come up several times in connection with cyber attacks against several high-profile U.S. news organizations, including New York Times, NBC and so on. So far the Chinese government has not responded to this issue, and no Chinese hacker community has taken responsibility for this breach. For upcoming updates on this story stay tuned with VOGH.





NSA (National Security Agency) is Searching For Good Hackers

 
The National Security Agency has a challenge for hackers who think they’re hot stuff: Prove it by working on the “hardest problems on Earth.”
Computer hacker skills are in great demand in the U.S. government to fight the cyberwars that pose a growing national security threat — and they are in short supply.

For that reason an alphabet soup of federal agencies — DOD, DHS, NASA, NSA — are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only — no registration, no credit cards, no names taken. Attendance is expected to top 10,000.
The NSA is among the keen suitors. The spy agency plays offence and defence in the cyberwars. It conducts electronic eavesdropping on adversaries, and it protects U.S. computer networks that hold super-secret material — a prime target for America’s enemies.

“Today it’s cyberwarriors that we’re looking for, not rocket scientists,” said Richard “Dickie” George, technical director of the NSA’s Information Assurance Directorate, the agency’s cyber-defense side.

“That’s the race that we’re in today. And we need the best and brightest to be ready to take on this cyberwarrior status,” he told Reuters in an interview.
The NSA is hiring about 1,500 people in the fiscal year, which ends Sept. 30, and another 1,500 next year, most of them cybersecurity experts. With a workforce of about 30,000, the Fort Meade-based NSA dwarfs other intelligence agencies, including the CIA.
It also engages in cyber-spying and other offensive operations, something it rarely, if ever, discusses publicly.
But at Defcon, the NSA and other “Feds” will be competing with corporations looking for hacking talent.
The NSA needs cybersecurity experts to harden networks, defend them with updates, do “penetration testing” to find security holes and watch for signs of cyberattacks.
The NSA is expanding its fold of hackers, but George said there is a shortage of those skills. “We are straining to hire the people that we need.”


It might seem to be an odd-couple fit — strait-laced government types with their rules and missions trying to recruit hackers who by definition want to defy authorities.
George said the NSA is an environment where the hacker mind-set fits with “a critical mass of people that are just like them.”
But what about culture rifts?
“When I walk down the hall there are people that I see every day and I never know what color their hair’s going to be,” George said. “And it’s a bonus if they’re wearing shoes. We’ve been in some sense a collection of geeks for a long, long time.”
The agency has long been known for its brilliant, but sometimes eccentric, mathematicians and linguists.
Jeff Moss, a hacker known as Dark Tangent, knows something about bridging the two worlds. He founded Defcon and the companion Black Hat conference for security professionals and is now a member of the Department of Homeland Security’s Advisory Council, which advises the government on cybersecurity.
“They need people with the hacker skill set, hacker mind-set. It’s not like you go to a hacker university and get blessed with a badge that says you’re a hacker. It’s a self-appointed label — you think like one or you don’t,” Moss told Reuters.

-News Source (Washington Post)


Opera 11.60 Codenamed "Tunny" Released & Major Security Holes Fixed


Opera 11.60 Final Version code named "Tunny" has been released by Opera Software. Opera 11.60 boasts three major new features, including revamped Address Bar, browser engine and mail client. Opera, which runs on Windows, Mac and Linux, has long been regarded as a pioneer when it comes to the web browser -- it was the first to introduce tabbed browsing, for example, and is still the only major browser to also include a mail client.
The Address Bar has been revamped to provide an experience similar to rival browsers such as Google Chrome and Mozilla Firefox in providing helpful suggestions as the user starts typing into the Address field. Version 11.60 also introduces a new shortcut, courtesy of a clickable star, to the Address Bar that makes it quick and easy to add the current web page to your Speed Dial or bookmarks menu.
Opera 11.60's most visible new features are in the mail client’s extensive redesign, which Opera claims brings it in line with the browser’s "featherweight design aesthetic." The layout is cleaner, and messages are now grouped together by date, with options for grouping them by unread or pinned status, or not at all. Messages can also be pinned via a single click, with the pinning mapped to the IMAP \Flagged feature, ensuring compatibility with other IMAP clients, including Gmail’s Starred message status. The Mail toolbars have been simplified, and redesigned icons coupled with easier access to the settings dialog (click the new Wrench button) lend weight to Opera’s claim that this makes the client easier to navigate and more intuitive to use.
This Opera update addresses a vulnerability affecting some two- and three-letter top-level domains (TLD) that could allow cookies to be set for the TLD itself; these cookies could then be read by other sites using that TLD. A problem related to a weakness in the SSL v3.0 and TLS 1.0 specifications which could be used for eavesdropping attacks against some applications, and a cross-domain information leakage problem in the JavaScript "in" operator, have also been fixed.
In addition to the security fixes, Opera 11.60 has a new HTML engine that should, according to its developers, improve loading time for a majority of web sites, including pages using Secure Sockets Layer (SSL) encryption technology. Other changes include a completely revamped built-in mail client (M2) that's said to be easier to setup and use, and improvements to the address (URL) field to allow users to quickly add their favourite sites to the browser's Speed Dial.

To Download Opera 11.60 For Windows, Linux, Mac, BSD & Solaris Click Here

