
President Obama & Congress Will Issue Long Awaited Executive Cyber Security Order


Last week we reported that the Pentagon had declared it is moving toward a major expansion of its cyber security force to counter increasing attacks on the nation’s computer networks, as well as to expand offensive computer operations against foreign adversaries. Just one week after this declaration, another crucial move came from the U.S. government. A secret legal review on the use of America’s growing arsenal of cyber weapons has concluded that President Obama has the broad power to order a pre-emptive strike if the United States detects credible evidence of a major digital attack looming from abroad. According to sources, President Barack Obama will issue a long-awaited cyber security executive order this week. Two former White House officials told the publication that the order is expected to be released after Tuesday night's State of the Union address.
Given his status as commander-in-chief, Obama seems to be the clear choice, but since cyber warfare is such a new and unknown thing, the government hasn't actually figured out the rules of engagement yet. In the past couple of decades, the power to use America's cyber weapons has been shared between the Pentagon and the various intelligence agencies. With the exception of a series of strikes on the computer systems that run Iran's nuclear enrichment facilities, an attack that Obama ordered himself, the U.S. hasn't launched any major cyber attacks in recent memory, however. This probably won't be the case in the future. So the government is working on new rules of engagement, as it realizes that the capabilities of cyber weapons are evolving at a startling rate. The rules will be not unlike the set that governs how drone attacks are ordered and who orders them. Cyber warfare certainly stands to affect the average American more, though. On Capitol Hill this week, Rep. Dutch Ruppersberger (D-Md.) and Rep. Mike Rogers (R-Mich.) are set to reintroduce the Cyber Intelligence Sharing and Protection Act (CISPA) during a speech at the Center for Strategic and International Studies.
According to an exclusive report, the bill would allow the government to share classified cyber threats with the private sector so that those companies can then protect their systems from cyber attacks. The bill was killed last year due to privacy concerns. Civil-liberty groups argued that the bill allows companies to exchange too much personal information back and forth without regulation.








US House of Intelligence Committee Warn American Companies Doing Business with Huawei & ZTE


Although the US is advanced and up to date on cyber security, after facing so many large cyber attacks from China the American government is now taking steps to avoid any kind of cyber espionage. The US House Intelligence Committee recently said that American companies should avoid doing business with two of China's leading technology firms, ZTE and Huawei. Many of us will not agree with this decision, but keeping in mind the latest cyber attacks and damages, the authorities have no other way left.
The Chairman and Ranking Member of the House Intelligence Committee, Mike Rogers (R-MI) and C.A. Dutch Ruppersberger, released a report recommending that U.S. companies considering doing business with Chinese telecommunications companies Huawei and ZTE find another vendor. The report encourages U.S. companies to take into account the long-term security risks associated with either company providing equipment or services to our telecommunications infrastructure. Additionally, the report recommends that U.S. government systems, particularly sensitive systems, exclude Huawei or ZTE equipment or component parts. The report highlights the interconnectivity of U.S. critical infrastructure systems and warns of the heightened threat of cyber espionage and predatory disruption or destruction of U.S. networks if telecommunications networks are built by companies with known ties to the Chinese state, a country known to aggressively steal valuable trade secrets and other sensitive data from American companies. Additionally, the report notes that modern critical infrastructure is incredibly connected, everything from electric power grids to banking and finance systems to natural gas, oil, and water systems to rail and shipping channels. All of these entities depend on computerized control systems. The risk is high that a failure or disruption in one system could have a devastating ripple effect throughout many aspects of modern American living.
The report, released in a Capitol Hill news conference, states that Huawei and ZTE provided incomplete, contradictory, and evasive responses to the Committee’s core concerns.  The report comes after a year-long investigation into the national security dangers posed by Huawei and ZTE, the two largest Chinese telecommunications companies doing business in the United States.

The Report Includes Five Recommendations:-
  1. US government systems and US government contractors, particularly those working on sensitive systems, should exclude any Huawei or ZTE equipment or component parts. Additionally, the Committee on Foreign Investments in the United States (CFIUS) must block acquisitions, takeovers, or mergers involving Huawei and ZTE given the threat to U.S. national security interests.
  2. U.S. network providers and systems developers are strongly encouraged to seek other vendors for their projects.
  3. Unfair trade practices of the Chinese telecommunications sector should be investigated by committees of jurisdiction in U.S. Congress and enforcement agencies in the Executive Branch. Particular attention should be paid to China’s continued financial support of key companies.
  4. Chinese companies should quickly become more open and transparent. Huawei, in particular, must become more transparent and responsive to U.S. legal obligations.
  5. Committees of jurisdiction in Congress should consider potential legislation to better address the risk posed by telecommunications companies with nation-state ties or otherwise not clearly trusted to build critical infrastructure, including increasing information-sharing among private sector entities and expanding a role for the CFIUS process to include purchasing agreements.

To Download the Full 60 Page Report Click Here





iPhone 4S Hacked By Dutch Researchers During Pwn2Own Contest

iPhone 4S Hacked By Dutch Researchers During Pwn2Own Contest & Won $30,000 Prize
 

The so-called fully patched and secured iPhone 4S has fallen victim to hackers. During a Pwn2Own contest, two clever Dutch minds were able to hack a fully patched iPhone 4S to gain a slew of information from the device. The hackers, Joost Pol and Daan Keuper, were able to find a vulnerability in WebKit that allowed them to hijack photos, videos, address book contacts, and browsing history right from the phone. The two earned a $30,000 cash prize for performing what they call “a clean hack.”

That was the intellectual challenge that drove a pair of Dutch researchers to start looking for an exploitable software vulnerability that would allow them to hijack the address book, photos, videos and browsing history from a fully patched iPhone 4S. 
"It took about three weeks, starting from scratch, and we were only working on our private time," says Joost Pol, CEO of Certified Secure, a nine-person research outfit based in The Hague. Pol and his colleague Daan Keuper used code auditing techniques to ferret out the WebKit bug and then spent most of the three weeks chaining multiple clever techniques to get a "clean, working exploit." "We really wanted to see how much time it would take a motivated attacker to do a clean attack against your iPhone. For me, that was the motivation. The easy part was finding the WebKit zero-day," Pol said in an interview. Once the vulnerability in WebKit was found, the hackers said they put many things together in about three weeks to write an exploit to hack the iPhone 4S. The two found that the exploit they developed also worked for iOS 6 (released today) and all previous versions of iOS devices.
Although the successful attack exposed the entire address book, photo/video database and browsing history, Pol and Keuper said they did not have access to the SMS or e-mail database. "Those are not accessible and they're also encrypted," Keuper explained.
While Pol and Keuper could use the hack for harm, the two said the exploit has already been destroyed. Pol said: “We shredded it from our machine. The story ends here, we’re not going to use this again. It’s time to look for a new challenge.” They further added that iOS is definitely the most secure mobile platform around thanks to Apple’s strict guidelines.








Philips Sub-domain Hacked, Database Stolen & User Information Leaked



Dutch technology giant Philips has fallen victim to hackers. Philips Electronics said it shut down one of its servers on Monday because of a possible cyber attack. A couple of hackers known as Bch195 and HaxOr managed to gain access to a Philips server and defaced one of Philips' sub-domains.
The screenshots clearly show that the hackers uploaded a PHP shell to the Philips server, which allowed them to deface the sub-domain.

According to sources, the hackers not only breached the server but also leaked a few SQL databases containing data such as user IDs, names, email addresses, country names, and occupations. From another part of the database the hackers allegedly managed to obtain 200,000 email addresses, which they plan on selling. One of the databases, fortunately containing fewer than 400 records, has passwords stored in plain text.
Philips spokesman Steve Klink couldn't confirm whether any personal customer information or sensitive company data were put at risk. "It isn't prudent to make any statements until we've gotten to the bottom of this and completed the investigation," said Klink. The Dutch consumer electronics, lighting and healthcare group issued a short statement on its website on Tuesday stating that some of its small websites used for marketing might have been hacked on Monday. Philips said within an hour of becoming aware of the event, the compromised server was shut down. Immediately after this hack, Philips started investigating the nature and extent of the information that might have been accessed. 
Philips is not alone. In the last few months we have seen a slew of attacks against the following sites: Yahoo, LinkedIn, eHarmony, Android Forums, Formspring, Gamigo, Nvidia and Blizzard.




Dutch Hacker Sentenced To 7 Years in Prison For Stealing Credit Card Numbers


Another cyber criminal, this one from Maryland, has been busted and sentenced to seven years in prison. He was part of a credit card hacking ring that targeted businesses in Seattle and across the country. The U.S. Attorney's Office in Seattle says Christopher A. Schroebel partnered with 21-year-old Dutch computer hacker David Benjamin Schrooten to steal credit card numbers from businesses across the country and sell them in bulk through websites. In their charges, prosecutors say Schroebel had in his possession 84,000 credit card numbers he had stolen or bought from other hackers. The two hackers ran "point of sale" operations, in which spy software is installed on computers that businesses use for transactions. The software records the credit card numbers used. Schroebel pleaded guilty in May to charges of bank fraud, obtaining information from a protected computer, and access device fraud, among others. Schrooten, who was arrested in Romania, is set to stand trial next month.








Bredolab Botnet Author -Georgiy Avanesov Received 4 Years Imprisonment



Georgiy Avanesov, a 27-year-old Russian man and the creator of the Bredolab botnet, has been sentenced to four years' imprisonment by an Armenian court. In October 2010, Dutch investigators were able to take control of the Bredolab botnet's 143 command & control servers and take them offline. The Dutch law enforcement authorities worked with security specialist Fox IT to track down Avanesov, which eventually led to his arrest at an airport in the Armenian capital of Yerevan. At the time it was running, the Bredolab trojan was estimated to have infected more than 30 million Windows PCs around the world and was capable of infecting three million new PCs a month through infected emails.
Avanesov, who was found guilty of computer sabotage, started operating the botnet in 2009 and used it for distributed denial-of-service (DDoS) attacks and for sending over 3.6 billion spam email messages per day. The BBC estimates that Avanesov earned approximately €100,000 (£80,000) per month with Bredolab, also known as Oficla.














17 Year Old KPN Hacker Has Been Freed Temporarily But Can't Access Internet

17 Year Old KPN Hacker Has Been Freed Temporarily, But He Can't Access Internet 

The Dutch teen, who was the prime suspect of hacking into customer account data on hundreds of servers belonging to telecommunications operator KPN is set to be freed temporarily on Thursday. Dutch Public Prosecution Service said that the 17 year old KPN hacker has been allowed to wait at home for his criminal proceedings to begin. 
The teenager's attorney asked that the teenager be freed temporarily, a request granted by the Rotterdam court and the Dutch Public Prosecution Service, spokesman Wim de Bruin of the Prosecution Service said. "He can wait in freedom for his criminal case to start," De Bruin said. The hearings will take place this summer, he added.
The teenager was freed on the condition that he would not use the Internet at all, De Bruin said. If he had not agreed to this, he would have had to remain in custody until the proceedings started, he added.
The youth was arrested on March 27 by the Dutch High Tech Crime Team in the Dutch town of Barendrecht. He is suspected of breaching the security of hundreds of KPN servers last January, damaging KPN's infrastructure and compromising user data. The biggest telecom operator in the Netherlands was forced to overhaul its systems to delete malicious software found on its servers. In the wake of the hack, KPN was also forced to temporarily suspend access to, and later reset the passwords of, more than 2 million email accounts.


-Source (PCWorld)


Security Breach in Ning (Largest Platform for Creating Social Websites) 100 Million Users Affected


Social networking company Ning is reportedly suffering from a security problem that could affect 100 million users. Three students from the junior college Media College Amsterdam (MA) together discovered five security holes in Ning. They found those security vulnerabilities immediately after the social network platform launched at their school. In a report Dutch security firm - Angelo Geels and Alex Brouwer exploited cookies to gain login control over Ning user accounts. They used a proof of concept that showed they could access 90,000 accounts and 100 million users, but had no intention of exploiting it for malicious purposes.
The first problem the boys found was not serious, but it was annoying. Anyone who can post a blog can deface the site by placing the HTML element 'div', with content of their choice, in the HTML section of the website. That makes it possible, for example, to lay an overlay over the website, in the case of the Media College website a Nyan Cat. The administrator of the website then called on the still unknown hackers through the community for pie for dinner. The boys did so and admitted that they had hacked the code, but then decided to go further and look for any other problems on Ning, the hackers said in an extensive interview with Webwereld.
Soon they discovered that Ning sites are very susceptible to cross-site scripting (XSS). The MBO students, aged 17 and 18, found four non-persistent or reflected cross-site scripting vulnerabilities in the site, which occur on several pages of the website: for example, via a link to a specific comment, so with code, or a cancel link containing a standard URL to the previous page. For detailed information about the story click here.




Dutch Govt. Setup National Cyber Security Centre (NCSC) To Protect Cyber-Crime


The Dutch government is now also paying attention to securing its cyber fence. To fight cyber crime and enhance cyber security, the Dutch government has set up a new National Cyber Security Centre (NCSC) to deal with the growing problem of online crime. The NCSC, which is a public-private partnership, commenced operations on 1 January 2012. Its ambition is to grow, in a phased manner, into the cooperation platform for cyber security in the Netherlands. In 2011 more than 123K web pages in the Netherlands were infected by the Lilupophilupop attack, and recently a hacker group named The Hackers Army hacked thousands of Dutch sites while running its operation named #OPfreePalestine. The Dutch cyber fence has also been a target from different parts of the world. So this newly formed NCSC was indeed needed by the Dutch authorities.
In the Netherlands several government departments are involved in the fight against cyber crime - and that's precisely the problem. The NCSC should improve coordination between them. The centre will bundle together a lot of knowledge and expertise. The NCSC is composed of over sixty people and will deal especially with the major issues. Wouter Stol is cyber safety expert at the NHL University of Applied Sciences in Leeuwarden.
He sees the NCSC as a good start: "It's a clear move to streamline the approach to cybercrime. But it's not just about coordination. There's far too little knowledge in the public sector. How do you handle the problems with cyber crime? How do you organize it? Much remains to be done."

The fight against cybercrime is still in its infancy, according to Mr Stol. First you have to map properly how cybercrime - nationally and internationally - actually works. Cyber criminals are a difficult group because they often don't operate from a fixed location. An efficient response is only possible through international cooperation that is fast and smooth. To keep up with the technical know-how of the cyber criminals, the government has suggested turning to "ethical" hackers. This is the group that detects various leaks and weak spots. They hack the sites of companies and governments to identify the problems, not for criminal reasons. Wouter Stol thinks that these hackers will soon be needed. "Developments in the digital world are rapid. Training a few internet producers isn't enough. Before you know it you'll be left behind. It's a good strategy to gain the latest knowledge in a flexible manner. So you also need the hackers."












40+ Dutch & 11 Educational Sites Hacked By Hitcher


A dangerous Pakistani hacker from Pak Cyber Force named Hitcher has struck again. If you dig into the recent past you will find that Hitcher has hacked lots of high-profile sites including Wipro Limited, Quadrant Televentures Ltd. (aka HFCL Infotel) Media Centre, Fin Bank of Nigeria (database), Cambridge Communications Limited, Progate Group Corporation, Geological Society Of India and many more. This time he hacked and defaced more than 50 websites, among them 40+ Dutch sites and 11 educational sites. The list of hacked sites can be found in a pastebin release.




Dutch Security Firm "Gemnet" Compromised


Another Dutch security firm, "Gemnet", has been compromised. The hack appears to have started when someone discovered a publicly accessible instance of phpMyAdmin without a password. phpMyAdmin is a web interface for managing SQL databases that should not be facing the open internet, password required or not.
By manipulating the databases the attacker was allegedly able to gain control over the system and all of the documents contained on it. The parent company, KPN, insists the documents contained on the server were all publicly available.
Webwereld reports that the hacker claims to have accessed non-public documents that outlined the secure communication networks and procedures for communication between KPN and governments and customers.
Gemnet CSP, KPN's certificate authority division, has also suspended access to their website. While KPN believes that Gemnet CSP has not been compromised, it would appear they are taking precautions while they investigate the incident. The attacker reportedly was able to obtain the password (braTica4) used for administrative tasks on the server as well. 

Brief About Gemnet:-
Gemnet provides security consulting and authentication technologies to nearly all parts of the Dutch government including the Ministry of Security and Justice, Bank of Dutch Municipalities and the police.





19 Million+ UK Households Being Used As Cyber Weapon (Botnets)


You are also a cyber criminal. Don't panic; we are sorry to say this, but it is the truth. An exclusive report says that more than a million UK households are being either used or misused as cyber weapons, mainly botnets.
Dutch researchers investigating ways to curtail the hijacking of domestic computers for criminal use, found that more than one million UK households’ PCs are linked to criminal networks known as ‘botnets’, which are groups of Internet-connected computers that have been compromised by a third party and put to malicious use. With around 6% of the UK’s 19m Internet households thought to be part of a botnet, this helps criminals spread spam around the Web more effectively, whilst it can also be used to attack websites and even garner bank details from the unsuspecting public.
The data was gathered from a number of different sources, though most emanated from what is known as ‘spam traps’, which are fake email addresses set up for the sole purpose of receiving junk mail. It’s thought that more than 90% of spam is sent through botnets, and it’s the Internet addresses on these botnets which are a good indicator of where the so-called ‘drone’ machines are located. The researchers then used the IP addresses of the machines that were sending the spam, and traced each one to an Internet Service Provider (ISP). And feeding into this was data about the Conficker botnet, which is thought to be one of the biggest examples of such a network, and incident reports from a computer security company called DShield. The UK figure is placed at number 19 in the top 20 nations with the biggest botnet problem, but it’s roughly in-line with the global average which sits at around 5-10% of domestic computers that are thought to be linked to botnets. Greece and Israel were way out on top, though, with around a fifth of all broadband subscribers thought to be unwittingly recruited into botnets. 
It goes without saying that the biggest ISPs have the biggest botnet problem. It has been figured out that the level of spam on BT’s network peaked at the end of July 2010, at which point more than 30m junk email messages were being sent each week.  



The good news, however, is that these figures have fallen sharply since then, with a number of anti-cyber crime groups helping to bring down some of the biggest botnets. One takedown earlier this year saw spam fall massively overnight, when an entire network, called Rustock, stopped sending junk.





KPN Server Compromised, SSL Authority Stops Issuing Certificates


Netherlands-based KPN Corporate Market said it was taking the action while it investigated the compromise, which may have taken place as long as four years ago. The breach came to light after tools for waging distributed denial-of-service attacks were found on its network.
The certificate authority (CA) belonging to KPN Corporate Market, a subsidiary of Dutch telecommunications provider KPN, has announced that it has stopped issuing Secure Socket Layer (SSL) certificates because hackers bypassed the CA's security mechanisms and compromised one of its servers. When performing a thorough review that was prompted by other recent Certificate Authority break-ins, the CA discovered programs which are used for DDoS attacks on other computers. The evidence discovered so far indicates that the break-in at KPN happened four years ago and has remained undetected since then.
KPN said that previously issued certificates are unlikely to have been compromised, but that the possibility can't be ruled out completely. Nevertheless, these certificates will remain valid for the time being. As a precautionary measure, the telecommunications provider has replaced its web servers. KPN will also not issue any further SSL certificates until the break-in has been fully investigated.
In a similar incident, last Thursday Microsoft and Mozilla revoked their trust in all certificates issued by the Malaysian Digicert CA. 22 certificates issued by this CA were found to use weak 512-bit keys and lack certain certificate extensions as well as revocation information.

-News Source (The Register, The H)



The Dutch Govt's 2012 Budget Hacked By Bram Talman Before Release

The Dutch government’s 2012 budget will be presented to parliament by finance minister Jan Kees de Jager tomorrow – but the text is already in the public domain, thanks to a student hacker. Bram Talman hacked into the IT company that puts the information online, found last year’s document by using its uniform resource locator (URL) – the character-string that allows information to be retrieved – replaced “2010” with “2011”, and up came the latest version.
The history student tweeted the document from his Twitter address, making himself an instant celebrity. “Every year there is a huge struggle between the different media companies to get the budget details first, so I started searching and came up with it pretty easily. Since then I’ve been inundated with interview requests and still have 200 missed calls.”
Its publication forced the prime minister, Mark Rutte, to concede that the document was genuine and all the details correct, including a breakdown of €3 billion in tax increases for industry.
Mr Rutte was clearly angry. “The leak is extremely irritating and unfortunate,” he said. The IT company, Facetbase, said the cause of the embarrassment had been human error, which it very much regretted. Normally, said its head of crisis management, Peter van der Maat, a fake version of the new document would be put online until the real one was ready – but that had not happened.

-News Source (Irish-Times)



DigiNotar Certificate Vulnerability Patched on Firefox 6.0.2



Firefox 6.0.2 has just come out, adding more protection to that provided by Firefox 6.0.1, which was necessitated by the mess caused by disgraced Dutch web security company DigiNotar.
Firefox 6.0.1 fixed Mozilla Foundation Security Advisory 2011-34, which simply pulled everything to do with DigiNotar from its list of trusted certificates. Loosely speaking, any certificate signed by DigiNotar, or any certificate signed by someone with a certificate signed by DigiNotar, and so on ad infinitum, was blown out of the water.
Any website with a certificate bought through DigiNotar therefore became untrusted at once. As Mozilla quite bluntly explained in the 6.0.1 update, "sites using certificates issued by DigiNotar will need to seek another certificate vendor." And that's how it should be. A Certificate Authority isn't supposed to make mistakes of this sort - not at all, let alone to this extent.
However, Firefox 6.0.1 exempted from its blockade any certificates signed by the Dutch State itself using its STAAT DER NEDERLANDEN ROOT CA signing certificate. Although tainted by association with DigiNotar, the Dutch public service was apparently convinced that none of the certificates it had issued were affected by any signing irregularities at DigiNotar.
It turned out that the Dutch authorities had not one, but two, Certificate Authorities of their own, and the second root certificate - imaginatively named STAAT DER NEDERLANDEN ROOT CA - G2 - was not exempted in Firefox 6.0.1. This was reported as a bug, and Mozilla set about adding an additional exemption for certificates signed by this CA. This would have reduced the impact of the Firefox certificate blockade on the web services provided by the Dutch authorities.
In the interim, however, the Dutch government abandoned trust in any of its own certificates, so the Firefox bugfix changed from "exempt the government CA we left out last time" to "remove the exemption for the government CA we exempted last time."
Let's see whether this fiasco causes the Dutch authorities to reconsider modern public service buzzwords such as "cloud" and "outsourcing"!
This sort of step - vigorously disowning everything tainted by DigiNotar - is aggressive but, in my opinion, necessary. Getting into a certification relationship with company X is like buying shares in company X. If the price goes down, all shareholders lose out simultaneously. If the company goes down, you go down with it.  
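A simplified model of the blockade logic described above, as an added example that is not Mozilla's code or part of the original article. Certificates are reduced to subject and issuer names, the policy fields are hypothetical, and every CA name other than the two Staat der Nederlanden roots is constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str   # a self-signed root has issuer == subject

@dataclass(frozen=True)
class Policy:
    name: str
    trusted_roots: frozenset
    distrusted_marker: str    # case-insensitive substring of a blocked CA name
    exempt_roots: frozenset   # chains ending at these roots skip the marker check

ROOT_NL = "Staat der Nederlanden Root CA"
ROOT_NL_G2 = "Staat der Nederlanden Root CA - G2"

# Constructed CA pool, keyed by subject name.
POOL = {c.subject: c for c in [
    Cert(ROOT_NL, ROOT_NL),
    Cert(ROOT_NL_G2, ROOT_NL_G2),
    Cert("DigiNotar Root (constructed)", "DigiNotar Root (constructed)"),
    Cert("DigiNotar Gov CA (constructed)", ROOT_NL),
    Cert("DigiNotar Gov CA G2 (constructed)", ROOT_NL_G2),
    Cert("Reseller CA (constructed)", "DigiNotar Root (constructed)"),
    Cert("Other Gov CA (constructed)", ROOT_NL),
]}

ROOTS = frozenset({ROOT_NL, ROOT_NL_G2})  # the DigiNotar root is no longer listed

# 6.0.1 as the article describes it: block DigiNotar, exempt the first state root.
FX_6_0_1 = Policy("6.0.1", ROOTS, "diginotar", frozenset({ROOT_NL}))
# 6.0.2 as the article describes it: the exemption is removed.
FX_6_0_2 = Policy("6.0.2", ROOTS, "diginotar", frozenset())

def build_chain(leaf, pool):
    """Follow issuer names from the leaf to a self-signed root, or return None."""
    chain, seen, cur = [leaf], {leaf.subject}, leaf
    while cur.subject != cur.issuer:
        nxt = pool.get(cur.issuer)
        if nxt is None or nxt.subject in seen:   # missing issuer or a loop
            return None
        chain.append(nxt)
        seen.add(nxt.subject)
        cur = nxt
    return chain

def evaluate(leaf, pool, policy):
    """Return (trusted, reason) for one leaf certificate under one policy."""
    chain = build_chain(leaf, pool)
    if chain is None:
        return (False, "incomplete or looping chain")
    root = chain[-1].subject
    if root not in policy.trusted_roots:
        return (False, "root not trusted: " + root)
    if root in policy.exempt_roots:
        return (True, "chain ends at exempt root")
    # Transitive block: one tainted CA anywhere in the path taints the leaf.
    for cert in chain:
        for name in (cert.subject, cert.issuer):
            if policy.distrusted_marker in name.lower():
                return (False, "distrusted CA in path: " + name)
    return (True, "ok")

def compare(issuer_name):
    """Verdict under both policies for a constructed site cert from issuer_name."""
    leaf = Cert("www.example.nl (constructed)", issuer_name)
    return {p.name: evaluate(leaf, POOL, p)[0] for p in (FX_6_0_1, FX_6_0_2)}

if __name__ == "__main__":
    for issuer in ("DigiNotar Gov CA (constructed)",
                   "DigiNotar Gov CA G2 (constructed)",
                   "Reseller CA (constructed)",
                   "Other Gov CA (constructed)"):
        print(issuer, compare(issuer))
```

In this model a certificate issued under the state roots by a CA with no DigiNotar in its path stays trusted under both policies; that is an assumption of the model, not something the article states.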
Brief About DigiNotar :- 
DigiNotar is the former Certificate Authority - or so-called "authority" - which managed to issue more than 500 bogus digital certificates in the name of major web properties such as Facebook, Twitter, Microsoft and Google; in the name of intelligence agencies such as the Mossad and the CIA; and even, it seems, in the name of other certifying authorities.

To Download Firefox 6.0.2 Click Here

-News Source (Naked Security & Mozilla) 


Microsoft Said: Stolen SSL Certificates May Be Dangerous While Updating Your Windows


Microsoft said Sunday that a digital certificate stolen from a Dutch company could not be used to force-feed customers malware through its Windows Update service. The company's assertion came after a massive theft of more than 500 SSL (secure socket layer) certificates, including several that could be used to impersonate Microsoft's update services, was revealed by Dutch authorities and several other affected developers.

"Attackers are not able to leverage a fraudulent Windows Update certificate to install malware via the Windows Update servers," said Jonathan Ness, an engineer with the Microsoft Security Response Center (MSRC), in a Sunday blog post. "The Windows Update client will only install binary payloads signed by the actual Microsoft root certificate, which is issued and secured by Microsoft."

Seven of the 531 certificates now known to have been fraudulently obtained by hackers in July were for the domains update.microsoft.com and windowsupdate.com, while another six were for *.microsoft.com. According to Microsoft, the certificates issued for windowsupdate.com couldn't be used by attackers because the company no longer uses that domain. (Windows Update is now at windowsupdate.microsoft.com.) However, those for update.microsoft.com -- the domain for Microsoft Update -- and the wildcard *.microsoft.com could be.

As Ness said, updates delivered via Microsoft's services are signed with a separate certificate that's closely held by the company. Without that code-signing certificate, attempts to deliver malware disguised as an update to a Windows PC would fail. Other vendors, including Apple, also sign software updates with a separate certificate. The certificates for the various Microsoft domains were issued by DigiNotar, a Dutch company that last week admitted its network had been hacked in mid-July. The company initially believed it had revoked all the fraudulent certificates, but later realized it had overlooked one that could be used to impersonate any Google service, including Gmail. DigiNotar went public only after users reported their findings to Google.
Criminals or governments could use the stolen certificates to conduct "man-in-the-middle" attacks, tricking users into thinking they were at a legitimate site when in fact their communications were being secretly intercepted. Microsoft has added its voice to the chorus from rival browser makers, notably Google and Mozilla, about the seriousness of the situation. Like its competitors, Microsoft will also permanently block all DigiNotar certificates.

"We are in the process of moving all DigiNotar owned or managed [certificate authorities] to the Untrusted Root Store, which will deny access to any website using DigiNotar certificates," said Dave Forstrom, a director in the Microsoft Trustworthy Computing group, in an emailed statement Sunday.

Forstrom did not set a date by when Microsoft would block all DigiNotar certificates, including those used by the Dutch government, which has been a major customer of the company. Google updated Chrome on Saturday to block all DigiNotar certificates, while Mozilla plans to do the same on Tuesday for Firefox.

However, Microsoft's partial ban of DigiNotar certificates -- which it instituted last week -- and the complete sanction now in the works protect only users running Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2. Customers still on Windows XP or Windows Server 2003 must wait for an update specific to those operating systems; Ness said only that that update would "be available soon."
Until that Windows XP update is available, users can protect themselves by manually deleting the DigiNotar root from the list of approved certificate-issuing authorities. 

For more information and to look at the Microsoft press release click Here 


Dutch Government is Investigating The Iranian Cyber Attack

The Dutch government is investigating whether Iran may have been involved in hacking Dutch state websites after digital certificates were stolen. Vincent van Steen, Dutch interior ministry spokesman, declined to say whether Iranian authorities in the Netherlands or Iran had been contacted, and said more details would be published in a letter to the Dutch parliament early next week.
But Mr van Steen confirmed the veracity of a report by the Dutch news agency ANP saying the cabinet was looking into whether the Iranian government played a part in breaking into Dutch government websites.
Such websites may no longer be safe after the digital theft of internet security certificates from Dutch IT company DigiNotar, the interior ministry said in a statement. Officials at the Iranian embassy in The Hague were not immediately available for comment nor was there an immediate reply to emails asking for comment. Google said in its security blog on Aug. 29 that it had received reports of attacks on Google users, that "the people affected were primarily located in Iran", and that the attacker used a fraudulent certificate issued by DigiNotar.

-News Source (Telegraph, Register)


GIF Vulnerability Patch For Photoshop Mac Users


The folks at Adobe have been keeping themselves busy this week patching several security holes in their software, including one affecting Photoshop Mac users.
According to a recent technical note on Adobe's site, those using the company’s professional photo editing software on a Mac are advised to patch immediately using Photoshop Standard Multiplugin CS5/CS5.1.
Adobe has recently learned that opening a GIF image of unknown origin may have a negative outcome. Here’s the situation in the Flash maker’s own words:
“The standard multiplugin update addresses a security vulnerability in the GIF file format, where opening a malicious GIF file would cause the application to crash.”

“This update is recommended for anyone who opens GIF files in Photoshop,” Adobe says.

Surely those editing multiple pictures at the same time would hate to see Photoshop crash before them simply because they opened a GIF image.

It works on systems running Mac OS X 10.5.7 (Leopard) and Mac OS X 10.6 (Snow Leopard) and it applies to one of the following language versions of Photoshop CS5 or Photoshop CS5.1: English, French, Spanish, Portuguese, German, Italian, Dutch, Swedish, Danish, Finnish, Norwegian, Chinese Simplified, Chinese Traditional, Korean, Japanese, Czech, Polish, Russian, Turkish, Hungarian, Ukrainian, or Romanian.

After downloading the ".zip" file containing the Photoshop CS5/CS5.1 Standard Multiplugin Update, Mac users must decompress the contained file and drag it to a specific location where Photoshop is installed.

The full set of instructions, as posted on Adobe’s web site, follows below:
1. Download plugin update
2. Unzip plugin update
3. Open Unzipped plugin folder
4. Drag and drop (or copy and paste) Standard Multiplugin.plugin to Applications\Adobe Photoshop CS5 (or CS5.1)\Plug-ins\Filters
5. Replace the existing file(s) when prompted
6. Relaunch PS

To download the 4MB patch click Here

-News Source (Adobe & Softpedia)


LulzSec Spokesman Busted By Scotland Yard


Scotland Yard's cybercrime unit has arrested a teenager it suspects of working as the spokesman for the Lulz Security hacking collective, officials said Wednesday.
The Metropolitan Police's Central e-Crime Unit arrested an 18-year-old at an address in Scotland's remote Shetland Islands, the force said in a statement. His name wasn't released, but police said he was believed to be "Topiary," one of LulzSec's most prominent members.
Police originally gave his age as 19 but later issued a correction. 
LulzSec shot to prominence in May with attacks on the US Public Broadcasting Service - whose website it defaced by posting a bogus story claiming that the late rapper Tupac Shakur had been discovered alive in New Zealand.
The group is a spin-off of Anonymous, an amorphous collection of Internet enthusiasts, pranksters and activists whose targets have included the Church of Scientology, the music industry, and financial companies including Visa and MasterCard.
Topiary was linked to both groups, serving as the on-again, off-again media liaison for the publicity-hungry hackers.
In his only known television interview, on the "David Pakman Show" earlier this year, Topiary phoned in via Skype to feud with Shirley Phelps-Roper of the Westboro Baptist Church, a Kansas-based group notorious for picketing the funerals of slain American soldiers.
Anonymous vandalised the church's website live over the course of the interview.
In conversations with The Associated Press, Topiary said he controlled LulzSec's Twitter feed, which garnered some 300,000 followers over the course of its six-week-long Internet rampage.
LulzSec has claimed responsibility for breaches at pornography websites, gaming companies, and law enforcement organisations. It's also claimed credit for harassing seemingly random targets including an obscure New Jersey-based magnet manufacturer.
One of its most spectacular hacks was against Sony Pictures Entertainment. The group posted the usernames, passwords, email addresses and phone numbers of tens of thousands of people, many of whom had given Sony their information for sweepstakes draws. Another stinging series of breaches last month targeted Arizona's police force in protest against its contentious immigration law. Officers had to scramble to change their numbers because their phones were being jammed with calls.
Shortly thereafter the group abruptly announced it was disbanding, although Topiary said at the time that the group wasn't bowing to police pressure.
"We're not quitting because we're afraid of law enforcement," he said in a Skype call. "The press are getting bored of us, and we're getting bored of us."
Attempts to reach Topiary since then have been unsuccessful, although his group recently re-emerged from retirement, defacing The Sun newspaper's website with a fake story claiming that media tycoon Rupert Murdoch had died. In one of its last messages, LulzSec said it was working with unnamed media outlets on a WikiLeaks-style release of emails it claimed to have stolen from the tabloid.
Topiary's once-plentiful Twitter feed was practically wiped clean Wednesday. The only remaining post, from nearly a week ago, read: "You cannot arrest an idea."
The latest arrest is one of an increasing number claimed by law enforcement in Britain and the United States in connection to their investigations into Anonymous and its offshoots. Last week, the FBI, British and Dutch officials carried out 21 arrests, many of them related to the group's attacks on Internet payment provider PayPal Inc., which has been targeted over its refusal to process donations to WikiLeaks.
Last month another 19-year-old, Ryan Cleary, was charged with attacks on Britain's Serious Organized Crime Agency and various UK-based music sites. Although at least one of the attacks he was charged with seemed linked to LulzSec, Topiary claimed at the time that Cleary was at most only tangentially involved with the group.
Scotland Yard said Wednesday it was also searching a residential address in Lincolnshire, in central England, and interviewing an unnamed 17-year-old in connection with the investigation. The second teen has not been arrested.

-News Source (IBN)


Anon & Lulzsec Respond Against The FBI



Hacker groups Anonymous and LulzSec have issued a joint statement in response to recent FBI arrests of suspected Anonymous members thought to have carried out a cyberattack against PayPal in 2010.
In their release, the hackers addressed a statement made to NPR by Steven Chabinsky, deputy assistant FBI director. "We want to send a message that chaos on the Internet is unacceptable," Chabinsky told NPR. "[Even if] hackers can be believed to have social causes, it's entirely unacceptable to break into websites and commit unlawful acts."
The hacker collectives responded with a list of what they define as "unacceptable" practices:

* Governments lying to their citizens and inducing fear and terror to keep them in control by dismantling their freedom piece by piece.
* Corporations aiding and conspiring with said governments while taking advantage at the same time by collecting billions of funds for federal contracts we all know they can't fulfil.
* Lobby conglomerates who only follow their agenda to push the profits higher, while at the same time being deeply involved in governments around the world with the only goal to infiltrate and corrupt them enough so the status quo will never change.

With regard to the arrests of alleged members of Anonymous by the FBI, the hackers wrote, "Your threats to arrest us are meaningless to us as you cannot arrest an idea. There is nothing - absolutely nothing - you can possibly do to make us stop."
According to the AP, the FBI on Tuesday arrested 14 people across the United States and confiscated computers in connection with the PayPal attack. Another two were arrested for unrelated activities. In addition, Britain's Scotland Yard took into custody one person, and the Dutch National Police Agency arrested four.

Click Here to see the Statement Of ANON & LULZSEC

