Showing posts sorted by relevance for query law enforcement. Sort by date Show all posts
Showing posts sorted by relevance for query law enforcement. Sort by date Show all posts

Facebook Law-Enforcement Tool

Posted by Avik Sarkar On 9/19/2011 05:42:00 pm


U.S. law-enforcement agencies are increasingly obtaining warrants to search Facebook, often gaining detailed access to users' accounts without their knowledge. A Reuters review of the Westlaw legal database shows that since 2008, federal judges have authorized at least two dozen warrants to search individuals' Facebook accounts. Many of the warrants requested a laundry list of personal data such as messages, status updates, links to videos and photographs, calendars of future and past events, "Wall postings" and "rejected Friend requests."
Federal agencies seeking the warrants include the FBI, DEA and ICE, and the investigations range from arson to rape to terrorism. The Facebook search warrants typically demand a user''s "Neoprint" and "Photoprint" -- terms that Facebook has used to describe a detailed package of profile and photo information that is not even available to users themselves. These terms appear in manuals for law enforcement agencies on how to request data from Facebook. The manuals, posted on various public-advocacy websites, appear to have been prepared by Facebook, although a spokesman for the company declined to confirm their authenticity.
The review of Westlaw data indicates that federal agencies were granted at least 11 warrants to search Facebook since the beginning of 2011, nearly double the number for all of 2010. The precise number of warrants served on Facebook is hard to determine, in part because some records are sealed, and warrant applications often involve unusual case names. (One example: "USA v. Facebook USER ID Associated with email address jimmie_white_trash@yahoo.com," a sealed case involving a drug sale.) In a telephone interview, Facebook's Chief Security Officer, Joe Sullivan, declined to say how many warrants had been served on the company. He said Facebook is sensitive to user privacy and that it regularly pushes back against law-enforcement "fishing expeditions."

NOT CHALLENGED:-

None of the warrants discovered in the review have been challenged on the grounds that it violated a person's Fourth Amendment protection against unlawful search and seizure, according to a review of the cases. Some constitutional-law experts said the Facebook searches may not have been challenged because the defendants - not to mention their "friends" or others whose pages might have been viewed as part of an investigation -- never knew about them.
By law, neither Facebook nor the government is obliged to inform a user when an account is subject to a search by law enforcement, though prosecutors are required to disclose material evidence to a defendant. Twitter and several other social-media sites have formally adopted a policy to notify users when law enforcement asks to search their profile. Last January, Twitter also successfully challenged a gag order imposed by a federal judge in Virginia that forbade the company from informing users that the government had demanded their data.
Twitter said in an email message that its policy was "to help users protect their rights." The Facebook spokesperson would not say whether the company had a similar policy to notify users or if it was considering adopting one.

THE CASE OF THE SATANISTS:-
In several recent cases, however, Facebook apparently did not inform account-holders or their lawyers about government snooping. Last year, several weeks after police apprehended four young Satanists who burned down a church in Pomeroy, Ohio, an FBI agent executed a search warrant on Facebook seeking data about two of the suspects. All four ultimately pleaded guilty and received sentences of eight to ten years in state prison (along with a message of forgiveness from a church official who called the sentence "God's time out," and presented them with a Bible). It is unclear if data obtained from the warrant was used in the investigation. Lawyers for the two defendants were unaware of the searches until they were contacted by Reuters.
In another case, the DEA searched the account of Nathan Kuemmerle, a Hollywood psychiatrist who pleaded guilty in Los Angeles federal court after a joint operation last year by the DEA and local police revealed he had run a "pill mill" for celebrity customers.
Westlaw records show that that the DEA executed a warrant to search Kuemmerle's Facebook account weeks after his arrest.
At Kuemmerle's bail hearing, a Redondo Beach police detective pointed to comments Kuemmerle made on Facebook and in the site's popular game "Mafia Wars" to argue that he should be denied bail.
According to Kuemmerle's lawyer, John Littrell, the detective testified on cross-examination that the information was from "an undercover source." Littrell told Reuters that neither he nor his client was ever informed about the warrant, and that he only learned of its existence from Reuters.
The detective said in an e-mail message that he did not recall being asked about how he obtained the Facebook information. The DEA did not reply to requests for comment.

POTENTIAL FOR NEW LEGAL CHALLENGES:-
The Facebook searches potentially open up new legal challenges in an area that at one time seemed relatively settled: How much protection an individual has against government searches of personal information held by third parties. In a 1976 case, United States v. Miller, a divided U.S. Supreme Court ruled that a bank did not have to inform its customer when it turned over his financial records to the Bureau of Alcohol, Tobacco and Firearms.
In doing so, the Supreme Court held that the customer could not invoke Fourth Amendment rights against illegal search and seizure because the records were bank property in which he had no legitimate "expectation of privacy."
Under this reasoning, a person would have no more expectation of privacy in Facebook content than in bank records. A key difference, however, is the scale of information that resides on social networking sites. "It is something new," said Thomas Clancy, a constitutional-law professor at the University of Mississippi. "It''s the amount of information and data being provided as a matter of course by third parties."
Eben Moglen, a cyberlaw professor at Columbia Law School, says the Facebook searches show that courts are ill-equipped to safeguard privacy rights in an age of digital media. In his view, "the solutions aren't legal, they''re technical."
Clancy, the Mississippi professor, said that courts are divided over whether the unprecedented volume of digital records in the possession of third parties should give rise to special rules governing the search of electronic data.
He added that the Supreme Court had an opportunity to clarify the issue in a case called Ontario v. Quon, but that it decided to "punt."
The Quon case concerned a California policeman who claimed his employer violated his Fourth Amendment rights when it read sexually explicit messages that he had sent from a work pager.
The Court found that that the employer's search was not unreasonable, but declined to rule on the degree to which people have a privacy interest in electronic data controlled by others.
Explaining the court's caution, Justice Anthony Kennedy wrote, "The judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role in society has become clear."

To download the Facebook Law Enforcement Guidance click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

More than 70 Police Websites Hacked in Response to #Op-Topiary (#Antisec)

Posted by Avik Sarkar On 8/08/2011 01:50:00 pm


AntiSec, the hacker group made of members from Anonymous and LulzSec, said Saturday that it has hacked more than 70 law enforcement agency websites in the U.S. in retaliation of recent arrests of alleged AntiSec members in the U.S. and the U.K.
The group, which has previously lodged attacks against law enforcement in Arizona, also said it was able to access 10 gigabytes of emails, credit card details and other sensitive data from the agencies.


And in a move that will infuriate law enforcement further, AntiSec called this cyber attack "ShootingSheriffsSaturday."
"A week after we defaced and destroyed the websites of over 70 law enforcement agencies, we are releasing a massive amount of confidential information that is sure to embarass, discredit and incriminate police officers across the US," AntiSec said in a statement posted on the website PasteBin, which has become a favorite place for the hackers to post the information they've stolen.

"Over 10GB of information was leaked including hundreds of private email spools, password information, address and social security numbers, credit card numbers, snitch information, training files, and more. We hope that not only will dropping this info demonstrate the inherently corrupt nature of law enforcement using their own words, as well as result in possibly humiliation, firings, and possible charges against several officers, but that it will also disrupt and sabotage their ability to communicate and terrorize communities."

Many of the agencies had no immediate comment on the hackings, while others expressed confusion as to what information was hacked.
In Mississippi, the Tunica County Sheriff's office was aware that their website was down, but did not know much beyond that, said Lt. Persundra Jones

“We don’t what’s really going on,” Jones said. “We have no idea.”

In Tishomingo County, sheriff’s officials alerted the FBI and the company that oversees the website, who promptly shut it down, said dispatcher Edric Parish.
AntiSec said in its statement that it was "doing this in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system. We stand in support of all those who struggle against the injustices of the state and capitalism using whatever tactics are most effective, even if that means breaking their laws in order to expose their corruption.

"You may bust a few of us, but we greatly outnumber you, and you can never stop us from continuing to destroy your systems and leak your data."

The most recent arrest of suspected hackers affiliated with Anonymous and LulzSec, was that of 18-year-old Jake Davis. England's Metropolitan Police Service, better known as Scotland Yard, has said it believes Davis is the "Topiary," a hacker who has acted as a spokesman for the groups.

Davis was released on bail Monday, but a London court ordered that he be prohibited from using the Internet.

"We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information," AntiSec said in its statement. "For too long they have been using and abusing our personal information, spying on us, arresting us, beating us, and thinking that they can get away with oppressing us in secrecy. Well it's retribution time: we want them to experience just a taste of the kind of misery and suffering they inflict upon us on an everyday basis. Let this serve as a warning to would-be snitches and pigs that your leaders can no longer protect you: give up and turn on your masters now before it's too late."
In a bit of a departure from the Arizona-targeted cyber attacks, the law enforcement agencies AntiSec says it hacked were mainly in the central and southern parts of the U.S., including agencies in Arkansas, Kansas, Louisiana, Missouri and Mississippi.

-News Source (LANT)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Arizona Law Enforcement Compromised by LulzSec

Posted by Avik Sarkar On 6/24/2011 05:27:00 pm



Arizona Law Enforcement Compromised by LulzSec. They released "hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses, and passwords belonging to Arizona law enforcement."


According To Lulzsec:-


"We are releasing hundreds of private intelligence bulletins, training manuals, 
personal email correspondence, names, phone numbers, addresses and passwords 
belonging to Arizona law enforcement. We are targeting AZDPS specifically 
because we are against SB1070 and the racial profiling anti-immigrant police 
state that is Arizona. 

The documents classified as "law enforcement sensitive", "not for public 
distribution", and "for official use only" are primarily related to border 
patrol and counter-terrorism operations and describe the use of informants to 
infiltrate various gangs, cartels, motorcycle clubs, Nazi groups, and protest 
movements.

Every week we plan on releasing more classified documents and embarassing 
personal details of military and law enforcement in an effort not just to reveal 
their racist and corrupt nature but to purposefully sabotage their efforts to 
terrorize communities fighting an unjust "war on drugs". 

Hackers of the world are uniting and taking direct action against our common 
oppressors - the government, corporations, police, and militaries of the world. 
See you again real soon! ;D"
For More Click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























10GB of Law Enforcement Data Exposed (#AntiSec)






 Posted by Avik Sarkar
 On 8/07/2011 06:14:00 pm











Hackers associated with the "AntiSec" collaboration between Anonymous and recently disbanded hacker group LulzSec have released more than 10GB of information from 70 different law enforcement agencies across the United States. The leakers called it one of their largest data dumps yet, released as retaliation for recent U.S. and U.K. arrests of alleged AntiSec members.

Nestled within the data dump, posted as both a BitTorrent release and posted on sites accessible via the Tor anonymity network, are more than 300 different email accounts from 56 law enforcement Web sites. Details from the ransacked Missouri Sherriff's Association Web site also appear in the release, including user names and passwords as well as users' home addresses, phone numbers, and Social Security numbers–a move that's sure to infuriate law enforcement officials even before they note the actual name of the hackers' release, "Shooting Sheriffs Saturday."



Also found within the release are various police training files, a list of users who have submitted information to an online "anonymous" crime tip system, and various server-related information and login credentials.



"We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information. For too long they have been using and abusing our personal information, spying on us, arresting us, beating us, and thinking that they can get away with oppressing us in secrecy," reads the hackers' Pastebin-posted. "Well it's retribution time: we want them to experience just a taste of the kind of misery and suffering they inflict upon us on an everyday basis."



The hack was allegedly carried out following an initial breach of a server owned by the company Brooks-Jeffrey Marketing, which hosts various sheriff's association sites. Its server was initially taken offline following confirmation of the first attack, but its subsequent relaunch allegedly kept intact the same backdoor methods the hackers users to access the original server. At that point, the hackers went ahead and started defacing the more than 70 different law enforcement agency domains associated with Brooks-Jeffrey Marketing.

"We lol'd as we watched the news reports come in, quoting various Sheriffs who denied that they were ever hacked, that any personal information was stolen, that they did not store snitch info on their servers. Many lulz have been had as we taunted the sheriffs by responding to their denials by tweeting teasers exposing their SSNs, passwords, addresses, and private emails," reads the hackers' manifesto.



The hackers also used stolen credit card information to make donations to the American Civil Liberties Union, the Electronic Frontier Foundation, and the Bradley Manning Support Network, among other organizations.



-News Source (PC Mag)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Security Experts Are Saying: Project 25 Mobile Radios Are Vulnerable






 Posted by Avik Sarkar
 On 8/27/2011 02:51:00 am














Many users don’t know how to use encryption, and radios can be jammed with a child’s toy. A paper presented at this year’s APCO conference showed the vulnerability of some new and expensive encrypted digital mobile radios, particularly those used by federal law enforcement agencies. The researchers from the University of Pennsylvania found that it was very easy to monitor sensitive law enforcement operations, that users either didn’t turn on their encryption or thought their transmissions were encrypted when they weren’t, and that a $30 child’s toy could corrupt the radios’ signals enough to make them useless. They also found a way to make the radios transmit at will, so that direction-finding equipment could be used to determine their location.

The radios with the identified problems operate on a relatively new protocol called Project 25 (P25). P25 is an initiative of the Association of Public Safety Communications Officers (APCO) and both users and manufacturers of radio equipment. P25 radios use digital transmissions on channels spaced 12.5KHz apart in the UHF and VHF bands. One of the objectives of P25 is to expand the number of channels available for use in the crowded radio spectrum. Presently, federal law enforcement agencies are the biggest users of P25 equipment, but other public safety organizations are adopting the standard as they replace their “legacy” radios. Eventually, all users in the VHF and UHF bands will be required to go to P25 equipment, as their licenses to operate on the broader channels and with analog equipment won’t be renewed by the FCC.

Traffic over P25 equipment is transmitted in digital form, as bits of ones and zeros, rather than as an analog waveform as with older radios. The body of voice or data traffic is preceded and followed by several data frames of different lengths that identify the source, the type of information (voice or data) that follows, and when the traffic is encrypted, encryption keys that prevent the transmission from being heard by a radio which doesn’t have the matching codes. The authors of the paper found that the markings on the radios that turned the encryption on or off were so cryptic themselves that many of them thought they were transmitting encrypted, when they were actually sending “in the clear.” The knobs and indicators for encryption were poorly located, making it easy to turn encryption on and off while adjusting the volume or changing radio channels.



There are blocks of frequencies allocated for the exclusive use of federal law enforcement agencies. These are allocated by the National Telecommunications and Information Administration, and are not published, as are FCC-allocated channels. The allocation is made by both region and user agency, so that a channel used by the FBI in New York might be the one used by the U.S. Forest Service in Boise. Even though the assignments are confidential, the researchers were able to scan the federal bands in two large U.S. cities and monitor ongoing operations at length. The encryption problem became obvious, as users openly discussed names and descriptions of informants, appearance and vehicles of undercover agents and surveillance operators, and plans for raids and arrests. The researchers used a $1000 bench-type receiver, but indicated that the same task could be accomplished with gear from Radio Shack.

Techies are familiar with the acronym “RTFM,” or “Read the [Bleeping] Manual.” The manual for a P25 radio from one well-known manufacturer is 150 pages long. On top of that, most P25 radios are user-configurable, so that combinations of button presses and switch settings set the radio to work in specific ways the owner agency thinks is appropriate. The net effect is that — in addition to the 150-page manual — each agency has to publish their own user manual if they want their users to understand all the functions of the radio and how to use them. Of course, getting the users to read those manuals is another matter.



Digital communications has several advantages over analog, one being that if a portion of a transmission is not received or corrupted in sending, an error-correction protocol identifies it and sends a request for a re-send. The University of Pennsylvania researchers found they could manipulate this mechanism and send a string of renegade error messages to a radio, triggering a string of retransmit requests. There would be no retransmit, as the messages pointed to a nonexistent message stream, but the nearly continuous transmission could be used with a direction finder to pinpoint the location of the radio. Someone who was running countersurveillance on law enforcement users would be able to tell by this method when officers were active, and where they were.



A variation on the data packet manipulation worked to disable the radios entirely. The researchers purchased a toy text messaging device called an IM-Me http://uk.girltech.com/electronics-imMe.aspx , which sends and receives text messages between a computer and the toy, which looks like a text pager. By loading some custom firmware onto the device, it could be set to transmit corrupted data packets to P25 radios and confound their reception. The device had to transmit these packets for milliseconds at a time, making it very difficult to locate and identify.

The authors of this paper are all “good guys” who have no agenda for compromising public safety communications, but if they can produce the hardware and software necessary to manipulate P25 radios, you can bet someone with less honorable motives can, as well. These new P25 radios are expensive; one available from Midland costs $3295. Hopefully, that custom-configuration capacity can be used to modify the radio firmware and close some of these security gaps. In the meantime, if your agency is using or contemplating a purchase of P25 radios, you should revisit your security procedures and contact your vendor to determine how vulnerable your communications may be. 



-News Source (Tim Dees & Police One)






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Cyber criminals, beware!!!






 Posted by Avik Sarkar
 On 5/08/2011 03:22:00 am












Digital forensic examiners will now be able to extract evidence from the computer of cyber criminals and preserve it to be provided to law enforcement authorities.




Ajman Medical District, in coordination with Drug Control and Registration Department, invited experts from the US Seattle-based Cyber Security Institute to provide training in digital forensics aimed at combating Cybercrime cases in the country.
Steve Hailey, President/CEO of the Cyber Security Institute (CSI) and Digital Forensic Examiner and Educator said the five-day training course which concluded on Thursday, trained members of several law enforcement agencies as well as employees of the Ajman Medical District on every aspect a competent forensic examiner needs to know in order to properly acquire, interpret and report findings related to digital evidence to be provided to court, police and attorneys.
The trainees were, at the end of the course certified as forensic digital examiners to provide evidence analysis on various cases of cyber crimes and also be witnesses in courts. They were introduced to concepts and techniques every computer forensics practitioner must master. CSI had earlier delivered the same course to IT professionals, the Department of Defense, law enforcement in the United States and the UAE, as well as the Ministry of Justice in the UAE.
The course attendees will receive five college credits from Edmonds Community College in Washington State, USA, for successfully completing the course. Edmonds Community College is recognised for providing cutting-edge training programmes for information security, digital forensics, and data recovery.
Hamad Al Shamsi, Director of Ajman medical district said that digital forensics capability is now essential within any organisation to combat fraudulent, illegal, and prohibited computer activity. This modern threat environment includes high risk for privacy invasion, financial crimes and identity theft. This environment dictates a need for legal, regulatory, and best practice requirements to preserve evidence and assure evidence is admissible in a court of law.
“Professionals from defence and intelligence agencies, law enforcement and corporations take our training because our hands-on case based instruction emphasises analytical problem solving skills and the practical knowledge required to process a case involving digital evidence from start to finish,” said Mike Andrew, CSI President of Training and Education.
“The Internet and its communications capability is the nervous system of any nation’s critical infrastructures, and is therefore extremely critical in maintaining economic productivity,” said Akram Ali, CSI Vice President of Global Business Relations. “Because of the economic importance that is associated with the Internet and its communications capabilities, criminals and sometimes a company’s own employees are looking for ways to exploit it for their own financial gain or to commit fraud. The use of technology to facilitate the commission 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Wikileaks said US offered to bankroll New Zealand piracy crackdown






 Posted by Avik Sarkar
 On 5/03/2011 11:25:00 pm















Making your country's views known is a principal function of foreign  embassies, but the US goes much further. According to cables released by  WikiLeaks, the US embassy in New Zealand urged Uncle Sam to fork over  about half a million New Zealand dollars back in 2005 to bankroll a  private intellectual property enforcement unit run by major  rightsholders in the region.

Operated on an informal basis by the  Recording Industry Association of New Zealand (RIANZ)  and the Australasian Mechanical Copyright Owners Society (AMCOS), the  US identified the "unit" as the only potential bulwark against music  piracy in the region.

  "It is developing an intelligence framework to identify local  producers of pirated works, distributors, criminal networks and  recipients and to work with relevant government, law enforcement,  customs and other authorities and stakeholders," the embassy's cable  noted. "The unit aims to prevent piracy by sharing intelligence with  other organizations and agencies, lobbying political parties and the  judiciary on the harm to industry and supporting public awareness  campaigns."

The outfit would also launch "enforcement operations" targeting  makers and distributors of illegal material, and it would "train law  enforcement and other agencies in the implementation of intellectual  property legislation through identifying offenses and disrupting piracy  activities."

The cable drew up a recommended budget of NZ$533,000 (US $386,158)  for the operation, with over $200,000 going to salaries and the rest  funding start-up and operating costs.


A proposed US budget for the New Zealand/South Pacific IP enforcement program.
Did any of this money get spent? If it had, it would have come from the US's Intellectual Property Rights Training Program,  mentioned as the proper source in the cable. We did an IPR database  search for RIANZ and AMCOS, but couldn't find either group listed,  although a slew of other training programs  popped up. 


Repeated offers 
But this isn't the only way that the US tried to wield influence on  the region; it's also willing to help countries write their laws. A May 2009 cable  indicates that the US pretty much offered carte blanche help to New  Zealand as it was rethinking its "three strikes" illegal file sharing  law. "Embassy in the meantime has repeated its offer of assistance to  [Government of New Zealand] officials to offer consultations with  [United States Government] copyright experts through a [Digital Video  Conference]," the missive explained. 

As we reported at the time, New Zealand's government eventually yanked  the punitive Section 92A of the bill, denounced by content providers  and ISPs as vague and impossible to implement. But the US seemed  confident at the time that New Zealand would eventually come through  with a new edition of the law.

Embassy officials also made clear their irritation with those who opposed industry-friendly copyright changes.


   In the meantime, the IPR community has engaged the services of  Price Waterhouse consultants to do a cost-benefit analysis on the  potential losses to the NZ economy if the new S92A fails to be enacted.  The IPR industry wants to be prepared to counter any false claims by  opponents of the new provision who successfully managed to monopolize  the local media's attention in the last round. 


In the end, the US Trade Representative decided not to put New Zealand on its Special 301 Priority list—the watchdog list for countries of whose IP standards the US does not approve.

 "While there is additional work to be done to strengthen the law and  enhance enforcement," a March 2009 cable concluded, "Post recommends  the better course of action is to continue engagement with the GNZ and  monitor the progress of IP legislation rather than place New Zealand on  this year's watch list."








SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























More Than 7000 Law Enforcement Officials’ Private Information Leaked By Anonymous (#Antisec)






 Posted by Avik Sarkar
 On 8/01/2011 02:12:00 pm














More than 77 law enforcement computers were hacked from outside of  the United States on Saturday. A hacking group targeted by the FBI is  posting the confidential information online. The group intends to do a  “rolling release” of information in the days and weeks to come.
 
The hacking comes on the heels of the arrest of 14 people suspected to be members of the hacking group "Anonymous." 
 
Hackers “AntiSec” and “Anonymous” announced  via Twitter tonight that  they absconded with up to 10 Giga Bytes of confidential information,  including protected witnesses.  They have posted more than 7,000 law  enforcement officials’ private information online including: their  social security numbers; email accounts and passwords; phone numbers and  home addresses on pastebin
 
The victims of the hacking were unaware of the breach on Saturday  night, according to a law enforcement official in Mo., where some of the  victims work. Their information was not secure and their emails were  open to anybody who knew where to find the information posted by  "Anonymous."
 
The group is threatening to release additional information  at PasteBin in retaliation for FBI arrests of 14 alleged computer  hackers in the U.S. and Europe, who are suspected to be members of their  group.
 
Supervisory Special Agent Jason Pack of the FBI press office in  Washington declined all comment on the breach. The FBI will be releasing  an official statement later.
 
“Anonymous” is also calling for the release of those arrested and a halt to their prosecutions.
 
The information due to be posted allegedly includes the identity of  “snitches,” according to "Anonymous" and additional information about  prisoners and witnesses will be posted.  They claim to have redacted the  information about prisoners due to sympathy regarding their  incarceration.

Websites that were allegedly defaced by the hacking group were  "mirrored" at sites hosted by "Anonymous" so people could view them  after they were taken off line by their owners. A mirror site is a snap  shot in time of a website. The mirror sites are listed by "Anonymous" on  their Twitter accounts.
 
In their Twitter news account, “AnonymousIRC” the group posted the following notice to the FBI.
 
“Dear @FBIPressOffice, do you know what happens if these people are convicted? This is no threat as we don't know either. But *we* expect us.”









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Japan Criminalizes are Creating Computer Virus






 Posted by Avik Sarkar
 On 6/19/2011 01:14:00 pm

















In order to combat the rising tide of cyber crime, the Japanese government has enacted a sweeping new law that criminalizes the creation of computer viruses and grants broad powers to law enforcement investigating computer crimes. The new legislation became law this past Friday, and is meant to provide new tools to Japanese police who perviously had no domestic laws with which to prosecute cyber criminals.
According to The Mainichi Daily News, the law carries a three year jail sentence and fines in excess of $6,000 (500,000 Yen) for creating and distributing computer viruses, and lesser fines and jail time for acquiring and storing viruses. Fortunately for computer security researchers, the law provides a “reasonable cause” caveat. The law also makes it illegal to send pornographic email spam.
Not everyone is happy about the new law, however. There are some concerns over language in the law which allows law enforcement to seize or copy data from computers connected via networks to computers used to commit virus-related crimes. Investigators can also seize and retain electronic communication records for up to 60 days. This has caused some controversy in the country, as Japan’s constitution guarantees the privacy of communications. The Japanese government has sought to quell concerns by including a directive that the law be applied appropriately.
The adoption of the law reflects the escalating concern over cybercrime across the international stage. The creation of this domestic law in Japan concludes some of the provisions of the Budapest Convention on Cybercrime, of the which the US is also a signer. The recent policy statements from the White House on cyber crime were derived from the same treaty. Of course, how well these new laws will function remains to be seen.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Anonymous Exposed The Private Information of The Special Agent, Officers, Cyber Crime Investigators Of Department Of Justice






 Posted by Avik Sarkar
 On 11/26/2011 04:08:00 pm














The hacktivists claim to have hacked into Baclagan's Gmail account and to have accessed his voicemails and SMS message logs using unspecified techniques as part of their ongoing campaign against law enforcement officials and their "allies" in the computer security industry.
The email dump, released as a torrent last Friday in part of what has become the group's regular FuckFBIFriday release, is also said to contain personal information including Baclagan's home address and phone number. The cache of emails – which according to AntiSec are from the account of Fred Baclagan, a retired special agent supervisor of the Californian Department of Justice – includes 38,000 emails detailing various computer forensic techniques and cybercrime investigation protocols. 
Baclagan told that he was nobody special in the Justice Department ... which is what he would say, of course. He said that he had specialised in identity theft before he retired last year. "I'm really just a nobody," he told the Post, "just a local investigator, not involved in anything dynamic or dramatic



In the Press Release Anon Said:-



################################################################################
#        ANTISEC LEAKS DOJ SPECIAL AGENT SUPERVISOR'S PRIVATE EMAILS,         #
#               IACIS CYBERCRIME INVESTIGATOR COMMUNICATIONS                              #
#         care of the #OCCUPYWALLST CRACKDOWN RETALIATION TASK FORCE         #       
################################################################################



Greetings Pirates, and welcome to another exciting #FuckFBIFriday release.



As part of our ongoing effort to expose and humiliate our white hat enemies, we
targeted a Special Agent Supervisor of the CA Department of Justice in charge of
computer crime investigations. We are leaking over 38,000 private emails which
contain detailed computer forensics techniques, investigation protocols as well
as highly embarrassing personal information. We are confident these gifts will 
bring smiles to the faces of our black hat brothers and sisters (especially 
those who have been targeted by these scurvy dogs) while also making a mockery 
of "security professionals" who whore their "skills" to law enforcement to 
protect tyrannical corporativism and the status quo we aim to destroy.



We hijacked two gmail accounts belonging to Fred Baclagan, who has been a cop
for 20 years, dumping his private email correspondence as well as several dozen 
voicemails and SMS text message logs. While just yesterday Fred was having a 
private BBQ with his CATCHTEAM high computer crime task force friends, we were 
reviewing their detailed internal operation plans and procedure documents. We 
also couldn't overlook the boatloads of embarrassing personal information about 
our cop friend Fred. We lulzed as we listened to angry voicemails from his 
estranged wives and ex-girlfriends while also reading his conversations with 
girls who responded to his "man seeking woman" craigslist ads. We turned on his 
google web history and watched him look up linux command line basics, golfing 
tutorials, and terrible youtube music videos. We also abused his google 
voice account, making sure Fred's friends and family knew how hard he was owned.



Possibly the most interesting content in his emails are the IACIS.com internal
email list archives (2005-2011) which detail the methods and tactics cybercrime 
units use to gather electronic evidence, conduct investigations and make 
arrests. The information in these emails will prove essential to those who want 
to protect themselves from the techniques and procedures cyber crime 
investigators use to build cases. If you have ever been busted for computer 
crimes, you should check to see if your case is being discussed here. There are 
discussions about using EnCase forensic software, attempts to crack TrueCrypt 
encrypted drives, sniffing wireless traffic in mobile surveillance vehicles, how 
to best prepare search warrants and subpoenas, and a whole lot of clueless 
people asking questions on how to use basic software like FTP. In the end, we
rickrolled the entire IACIS list, causing the administrators to panic and shut
their list and websites down.



These cybercrime investigators are supposed to be the cream of the crop, but we
reveal the totality of their ignorance of all matters related to computer
security. For months, we have owned several dozen white hat and law enforcement
targets-- getting in and out of whichever high profile government and corporate
system we please and despite all the active FBI investigations and several
billion dollars of funding, they have not been able to stop us or get anywhere
near us. Even worse, they bust a few dozen people who are allegedly part of an
"anonymous computer hacking conspiracy" but who have only used 
kindergarten-level DDOS tools-- this isn't even hacking, but a form of
electronic civil disobedience. 



We often hear these "professionals" preach about "full-disclosure," but we are
sure these people are angrily sending out DMCA takedown notices and serving
subpoenas as we speak. They call us criminals, script kiddies, and terrorists, 
but their entire livelihood depends on us, trying desperately to study our 
techniques and failing miserably at preventing future attacks. See we're cut 
from an entirely different kind of cloth. Corporate security professionals like
Thomas Ryan and Aaron Barr think they're doing something noble by "leaking" the
public email discussion lists of Occupy Wall Street and profiling the "leaders"
of Anonymous. Wannabe player haters drop shitty dox and leak partial chat logs
about other hackers, doing free work for law enforcement. Then you got people 
like Peiter "Mudge" Zatko who back in the day used to be old school l0pht/cDc 
only now to sell out to DARPA going around to hacker conventions encouraging 
others to work for the feds. Let this be a warning to aspiring white hat 
"hacker" sellouts and police collaborators: stay out the game or get owned and 
exposed. You want to keep mass arresting and brutalizing the 99%? We'll have to 
keep owning your boxes and torrenting your mail spools, plastering your personal 
information all over teh internets.



Hackers, join us and rise up against our common oppressors - the white hats, the 
1%'s 'private' police, the corrupt banks and corporations and make 2011 the year 
of leaks and revolutions! 



We are Anti-Security,
We are the 99%
We do not forgive.
We do not forget.
Expect Us!



For More information Click Here












SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























LulzSec Spokesman Busted By Scotland Yard






 Posted by Avik Sarkar
 On 7/29/2011 12:02:00 pm














Scotland Yard's cybercrime unit has arrested a teenager it suspects  of working as the spokesman for the Lulz Security hacking collective,  officials said Wednesday. 
The Metropolitan Police's Central e-Crime Unit arrested a  18-year-old at an address in Scotland's remote Shetland Islands, the  force said in a statement. His name wasn't released, but police said he  was believed to be "Topiary," one of LulzSec's most prominent members. 
Police originally gave his age as 19 but later issued a correction. 
LulzSec shot to prominence in May with attacks on the US Public  Broadcasting Service - whose website it defaced by posting a bogus story  claiming that the late rapper Tupac Shakur had been discovered alive in  New Zealand.
The group is a spin-off of Anonymous, an amorphous collection of  Internet enthusiasts, pranksters and activists whose targets have  included the Church of Scientology, the music industry, and financial  companies including Visa and MasterCard. 
Topiary was linked to both groups, serving as the on-again, off-again media liaison for the publicity-hungry hackers. 
In his only known television interview, on the "David Pakman  Show" earlier this year, Topiary phoned in via Skype to feud with  Shirley Phelps-Roper of the Westboro Baptist Church, a Kansas-based  group notorious for picketing the funerals of slain American soldiers. 
Anonymous vandalised the church's website live over the course of the interview. 
In conversations with The Associated Press, Topiary said he  controlled LulzSec's Twitter feed, which garnered some 300,000 followers  over the course of its six-week-long Internet rampage. 
LulzSec has claimed responsibility for breaches at pornography  websites, gaming companies, and law enforcement organisations. It's also  claimed credit for harassing seemingly random targets including an  obscure New Jersey-based magnet manufacturer. 
One its most spectacular hacks was against Sony Pictures  Entertainment. The group posted the usernames, passwords, email  addresses and phone numbers of tens of thousands of people, many of whom  had given Sony their information for sweepstakes draws. Another  stinging series of breaches last month targeted Arizona's police force  in protest against its contentious immigration law. Officers had to  scramble to change their numbers because their phones were being jammed  with calls. 
Shortly thereafter the group abruptly announced it was  disbanding, although Topiary said at the time that the group wasn't  bowing to police pressure. 
"We're not quitting because we're afraid of law enforcement," he  said in a Skype call. "The press are getting bored of us, and we're  getting bored of us." 
Attempts to reach Topiary since then have been unsuccessful, although his group recently re-emerged from retirement, defacing The Sun  newspaper's website with a fake story claiming that media tycoon Rupert  Murdoch had died. In one of its last messages, LulzSec said it was  working with unnamed media outlets on a WikiLeaks-style release of  emails it claimed to have stolen from the tabloid. 
Topiary's once-plentiful Twitter feed was practically wiped clean  Wednesday. The only remaining post, from nearly a week ago, read: "You  cannot arrest an idea." 
The latest arrest is one of an increasing number claimed by law  enforcement in Britain and the United States in connection to their  investigations into Anonymous and its offshoots. Last week, the FBI,  British and Dutch officials carried out 21 arrests, many of them related  to the group's attacks on Internet payment provider PayPal Inc., which  has been targeted over its refusal to process donations to WikiLeaks. 
Last month another 19-year-old, Ryan Cleary, was charged with  attacks on Britain's Serious Organized Crime Agency and various UK-based  music sites. Although at least one of the attacks he was charged with  seemed linked to LulzSec, Topiary claimed at the time that Cleary was at  most only tangentially involved with the group. 
Scotland Yard said Wednesday it was also searching a residential  address in Lincolnshire, in central England, and interviewing an unnamed  17-year-old in connection with the investigation. The second teen has  not been arrested.



-News Source (IBN) 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Global Payment company Visa Conducted Security Training For CBI Officials






 Posted by Avik Sarkar
 On 6/07/2012 12:16:00 am











Global Payment company Visa Conducted Security Training For CBI Officials To Fight Against Cyber-Crime


Global Payment company Visa has sensitized officials from the Central  Bureau of Investigation (CBI) about modus operandi of electronic payment  frauds and measures to combat the rising cyber-crime. This whole campaign was a part of spreading awareness on changing nature of cyber crime and card frauds in India. Visa conducted a workshop in New Delhi where CBI officials of economic  offence wing were given information on global trends in fraud risk  management, cybercrime and measures available to detect and combat them.  The company said that given the rapidly changing nature of cybercrime  and card fraud in India, the objective of the awareness programme was to  share the modus operadi of electronic payment frauds and the  intricacies involved in them. 
Visa said it has stepped up its electronic payments security awareness  initiative with a Cards Fraud and Payments Risk Awareness Programme for  Indian law enforcement agencies.

"This programme has been developed in response to growing government and  public concerns around increased fraud exposures around electronic  payment products, cyber security and cyber crime," it said in a  statement. Visa Group Country Manager (India and South Asia) Uttam Nayak said the  company is committed to developing a safe and secure online experience.  "Through such programmes we play our part in keeping the country's  payment system safe and ensure that law enforcement agencies have the  latest skills at their disposal," he said.

VK Gupta, Special Director of CBI said that as a law enforcement agency,  it is critical to understand the evolving cybercrime landscape and the  latest technology used to track and prevent criminal activities.
-Source (Money Life) 















SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























FBI & NCFTA Combining Forces to Fight Better Against Cyber Crime






 Posted by Avik Sarkar
 On 9/20/2011 04:30:00 pm

















Long before it was acknowledged to be a significant criminal and national security threat, the FBI established a forward-looking organization to proactively address the issue of cyber crime. Since its creation in 1997, the National Cyber Forensics and Training Alliance (NCFTA), based in Pittsburgh, has become an international model for bringing together law enforcement, private industry, and academia to share information to stop emerging cyber threats and mitigate existing ones.
“The exchange of strategic and threat intelligence is really the bread and butter of the NCFTA,” said Special Agent Eric Strom, who heads the FBI unit—the Cyber Initiative and Resource Fusion Unit (CIRFU)—assigned to the NCFTA. “The success of this effort at every level comes down to the free flow of information among our partners.”
When the nonprofit NCFTA was established, the biggest threat to industry was from spam—those annoying unsolicited e-mails that fill up inboxes. Today, the organization deals with malicious computer viruses, stock manipulation schemes, telecommunication scams, and other financial frauds perpetrated by organized crime groups who cause billions of dollars in losses to companies and consumers.
The NCFTA essentially works as an early-warning system. If investigators for a major banking institution, for example, notice a new kind of malware attacking their network, they immediately pass that information to other NCFTA members. Alliance members—many have staff permanently located at the NCFTA—then develop strategies to mitigate the threat. FBI agents and analysts from CIRFU, also located at NCFTA headquarters, use that information to open or further existing FBI investigations, often in concert with law enforcement partners around the world.
“Cyber crime has changed so much since those early days of spamming,” Strom said. “And the threat continues to evolve globally, which is why the NCFTA’s work is so critical to both business and law enforcement.”
The organization draws its intelligence from hundreds of private-sector members, Carnegie Mellon University’s Computer Emergency Response Team (CERT), and the FBI’s Internet Crime Complaint Center (IC3). That extensive knowledge base has helped CIRFU play a key role in some of the FBI’s most significant cyber cases in the past several years. (See sidebar.)



-News Source (NCFTA & FBI)












SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet






 Posted by Avik Sarkar
 On 12/08/2013 01:14:00 am
















Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers





Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years. 















“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”





Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.











How It Happened:- 





Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.



As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here







ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 



In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 







While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.





















SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Lulzsec may be Officially Disbanded, But FBI is In Search of Lulzsec






 Posted by Avik Sarkar
 On 6/30/2011 05:27:00 am




















SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Hackers plan third attack on Sony






 Posted by Avik Sarkar
 On 5/07/2011 01:15:00 am














Hackers are planning a third attack on Sony in retaliation for its handling of the PlayStation Network and Online Entertainment services data breaches, according to US reports.
The attack on Sony's website is planned for this weekend, says a CNet report, citing an unnamed observer of the Internet Relay Chat (IRC) channel used by the hackers.
According  to the source, the hackers claim to have access to some of Sony's  servers and plan to publish information they are able to copy from those  servers.
Although Sony has stopped short of blaming the hacker  group known as Anonymous for the latest breaches, it said in a letter to  a Congressional hearing that it had found a file named "Anonymous"  containing a fragment of the group's slogan, "We are Legion".
   
     
  
Anonymous has a history of  denial-of-service attacks against Sony websites in retaliation for  Sony's legal action against hacker George Hotz, but the group has denied  responsibility. 
Anonymous has never been known to have engaged in credit card theft, the group said in a statement.
According  to the group, whoever broke into Sony's servers to steal the credit  card information and left a document blaming Anonymous clearly wanted  Anonymous to be blamed.
"No one who is actually associated with  our movement would do something that would prompt a massive law  enforcement response. On the other hand, a group of standard online  thieves would have every reason to frame Anonymous in order to put law  enforcement off the track," the statement says. 
   
     
 
In an attempt to tackle criticism for its handling of the breach, Sony has issued a letter to customers in which it blames forensic analysis for delays in notifying customers that their personal data may have been stolen.
The  company has also promised to help protect customers from identity theft  around the world and offer a "Welcome Back" package, including free  subscriptions, once its networks are restored.






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Hollywood Celebrities Nude Photo Hacker Sentenced to 10 Years in Prison






 Posted by Avik Sarkar
 On 12/21/2012 07:17:00 pm














Hollywood Celebrities Nude Photo Hacker Sentenced to 10 Years in Prison 











Photo hacking case of Hollywood celebrities takes another direction, as Christopher Chaney, who pleaded guilty to hacking into the e-mail accounts of Scarlett Johansson and other celebrities including Mila Kunis, Christina Aguilera and few others, has been sentenced to 10 years in prison by the  federal judge in Los Angeles. Chaney was arrested last year as part of a year-long investigation  of FBI dubbed Operation Hackerazzi. At a hearing on Monday, U.S. District Court judge S. James Otero said that Chaney's conduct demonstrated a "callous disregard to the victims," some 50 in total, including two non-celebrities who the judge noted was stalked by Chaney for more than 10 years. The prison term was accompanied by an order to pay $66,179 in restitution. Chaney pleaded guilty to nine offences, including illegal wire-tapping and unauthorized access to computers. In his guilty plea, Chaney admitted to having repeatedly hacked email accounts over a period of at least eleven months. He hacked into email accounts by taking advantage of the "forgotten password" feature on web interfaces and using publicly available information to answer security questions. 



Chaney admitted that as his hacking scheme became more extensive, he began using a proxy service called “Hide My IP” because he wanted to “cover his tracks” and not be discovered by law enforcement agents. Even after his home computers were seized by law enforcement, Chaney used another computer to hack into another victim’s e-mail account. As a result of his hacking scheme, Chaney obtained private photographs and confidential documents, including business contracts, scripts, letters, driver’s license information, and Social Security information. On several occasions, after hacking into victims’ accounts, Chaney sent e-mails from the hacked accounts, fraudulently posing as the victims and requesting more private photographs. Chaney e-mailed many of the stolen photographs to others, including another hacker and two gossip websites. As a result, some of the stolen photographs were posted on the Internet.



"I don't know what else to say other than I'm sorry," Chaney said. "I could be sentenced to never use a computer again and I wouldn't care." For detailed information about this case click here.






































SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
































Related Posts Plugin for WordPress, Blogger...


















Site search