The GIFiles By Wikileaks Publishing The Global Intelligence Files & Five Million E-mails From Stratfor

The GIFiles By Wikileaks Publishing The Global Intelligence Files & Five Million E-mails From Stratfor 

In the last month of 2011 U.S.-based security think tank Stratfor faced cyber attack from Hactvists. Anonymous claimed that they have stolen thousands of credit card numbers and other personal information belonging to clients of Stratfor’s confidential client list, which includes entities ranging from Apple Inc. to the U.S. Air Force to the Miami Police Department, and mining it for more than 4,000 credit card numbers, passwords and home addresses. But later in a press release Anonymous dines that attack so its quit difficult to figure out that who was really behind the hack.

But from this Monday Wikileaks has  planned to release over 5 Million emails from Stratfor Global Intelligence, whose website was hacked and emails and customer data stolen in December. 

According to official website Wikileaks:- 

"On Monday February 27th, 2012, WikiLeaks began publishing The Global Intelligence Files, over five million e-mails from the Texas headquartered "global intelligence" company Stratfor. The e-mails date between July 2004 and late December 2011. They reveal the inner workings of a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations, such as Bhopal’s Dow Chemical Co., Lockheed Martin, Northrop Grumman, Raytheon and government agencies, including the US Department of Homeland Security, the US Marines and the US Defence Intelligence Agency. The emails show Stratfor’s web of informers, pay-off structure, payment laundering techniques and psychological methods..."

 

Full Release Of Wikileaks Can Be Found Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">The GIFiles By Wikileaks Publishing The Global Intelligence Files & Five Million E-mails From Stratfor"https://www.voiceofgreyhat.com/2012/02/gifiles-by-wikileaks-publishing-global.html</a>

Microsoft Planned To Release Skype Application For Windows Mobile

Microsoft Planned To Release Skype Application For Windows Mobile

Microsoft Corporation has planned to release Skype video-calling application for its Windows Phone. The application will be avalable on April this year. Terry Myerson, head of the Redmond, Washington-based company’s mobile business, said in an interview last week. It will unveil the software today at the Mobile World Congress in Barcelona, Spain, and release a version for beta testers. Terry Myerson, head of the Redmond, Washington-based company’s mobile business, said in an interview last week. It will unveil the software today at the Mobile World Congress in Barcelona, Spain, and release a version for beta testers.
Microsoft bought Skype to gain customers and enhance its existing products -- such as Windows phones and Xbox game consoles, along with Internet-calling and videoconferencing software. Skype customers made more than 300 billion minutes of calls last year, Microsoft Chief Executive Officer Steve Ballmer said in January. The service, which handles both voice and video calls, is the top provider of international calling. Windows Phone has just 2 percent of the mobile operating- system market, and lags behind Apple Inc. and Google Inc. in providing apps. Both those rivals already have Skype apps.
Microsoft bought Skype to gain customers and enhance its existing products -- such as Windows phones and Xbox game consoles, along with Internet-calling and videoconferencing software. Skype customers made more than 300 billion minutes of calls last year, Microsoft Chief Executive Officer Steve Ballmer said in January. The service, which handles both voice and video calls, is the top provider of international calling.
Windows Phone has just 2 percent of the mobile operating- system market, and lags behind Apple Inc. and Google Inc. in providing apps. Both those rivals already have Skype apps.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Microsoft Planned To Release Skype Application For Windows Mobile"https://www.voiceofgreyhat.com/2012/02/microsoft-planned-to-release-skype.html</a>

Android Vulnerability- Hacker Can Gains Complete Control Into Your SmartPhone

Android Vulnerability- Hacker Can Gains Complete Control Into Your SmartPhone  

 

Security experts have discovered a serious flaw in a component of the operating system of Google Inc’s widely used Android smartphone that they say hackers can exploit to gain control of the devices. Researchers at startup cyber security firm CrowdStrike said they have figured out how to use that bug to launch attacks and take control of some Android devices.
CrowdStrike, which will demonstrate its findings next week at a major computer security conference in San Francisco, said an attacker sends an email or text message that appears to be from a trusted source, like the user’s phone carrier. The message urges the recipient to click on a link, which if done infects the device. At that point, the hacker gains complete control of the phone, enabling him or her to eavesdrop on phone calls and monitor the location of the device, said Dmitri Alperovitch, chief technology officer and co-founder of CrowdStrike.
Google spokesman Jay Nancarrow declined comment on Crowdstrike’s claim. Alperovitch said the firm conducted the research to highlight how mobile devices are increasingly vulnerable to a type of attack widely carried out against PCs. In such instances, hackers find previously unknown vulnerabilities in software, then exploit those flaws with malicious software that is delivered via tainted links or attached documents. He said smartphone users need to prepare for this type of attack, which typically cannot be identified or thwarted by mobile device security software.
“With modifications and perhaps use of different exploits, this attack will work on every smartphone device and represents the biggest security threat on those devices,” said Alperovitch, who was vice president of threat research at McAfee Inc before he co-founded CrowdStrike.
Researchers at CrowdStrike were not the first to identify such a threat, though such warnings are less common than reports of malicious applications that make their way to online websites, such as Apple’s App Store or the Android Market.
In July 2009, researchers Charlie Miller and Collin Mulliner figured out a way to attack Apple’s iPhone by sending malicious code embedded in text messages that was invisible to the phone’s user. Apple repaired the bug in the software a few weeks after the pair warned it of the problem.
The method devised by CrowdStrike currently works on devices running Android 2.2, also known as Froyo. That version is installed on about 28 percent of all Android devices, according to a Google survey conducted over two weeks ending February 1. Alperovitch said he expects to have a second version of the software finished by next week that can attack phones running Android 2.3. That version, widely known as Gingerbread, is installed on another 59 percent of all Android devices, according to Google. CrowdStrike’s method of attack makes use of a previously unpublicized security flaw in a piece of software known as webkit, which is built into the Android operating system’s Web browser.

-Source (MyBoradband, Google, CrowdStrike)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Android Vulnerability- Hacker Can Gains Complete Control Into Your SmartPhone"https://www.voiceofgreyhat.com/2012/02/android-vulnerability-hacker-can-gains.html</a>

Flashback.G Trojan Targeting Mac Users While Stealing Passwords

 Flashback.G Trojan Targeting Mac Users While Stealing Passwords

Remember earlier MAC Security Blog reported that the latest version, Flashback.D, has gotten a bit sneakier. First, it checks to see if the user is running Mac OS X in VMware Fusion. If so, it does not execute. It does this because many malware researchers test malware in virtual machines, rather than infect full installations, as it is easier to delete them and start over with clean copies. This means that security researchers analyzing and looking for this malware need to be running regular Macs.

 Yet again Mac users became the victim of another trojan. This new Trojan virus is capable of infecting their computers and stealing passwords to services such as Google, PayPal, online banking & so on. This virus is using a new installation method When a user visits a crafted web page, the new variant either tries to exploit two old security vulnerabilities or deploys a Java Applet which tries to trick the user into believing it has been certified by Apple. According to Mac Security Blog (Intego):- This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.
It is worth noting that Flashback.G will not install if VirusBarrier X6 is present, or if a number of other security programs are installed on the Mac in question. It does this to avoid detection. It seems that the malware writers feel it is best to avoid Macs where the malware might be detected, and focus on the many that aren’t protected.

Earlier also Mac users faced such attacks where OSX/Revir-B trojan was installed behind a PDF, and giving hackers remote access to MAC computers, not only Revier-B also Linux Tsunami trojan Called "Kaiten" targeted Mac OS users in 2011. Also another malware named "Devil Robber" which was also make MAC users victim while stealing their personal informations.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Flashback.G Trojan Targeting Mac Users While Stealing Passwords"https://www.voiceofgreyhat.com/2012/02/flashbackg-trojan-targeting-mac-users.html</a>

Ontario Association of Chiefs of Police Hacked (#OpPiggyBank)

Ontario Association of Chiefs of Police Hacked (#OpPiggyBank)

A hacker named Visi0nZ from Hacker collective group Anonymous claimed to break into the official website of Ontario Association of Chiefs of Police. The attack took place on the Friday evening and the police chief association dismantled its website, which now includes one terse message: "Under maintenance." 

Couto said the cyber attack won't deter the association's support for enhanced federal surveillance legislation. "The police chiefs have been very clear on this," he told media. According to the hacker this hack is part of #OpPiggyBank and he hacked into the database of Ontario Association of Chiefs of Police and exposed sensitive information like server details, full name, user name, email-id and passwords of administrator. All those hacked credentials made available by the hacker while releasing a pastebin note.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Ontario Association of Chiefs of Police Hacked (#OpPiggyBank)"https://www.voiceofgreyhat.com/2012/02/ontario-association-of-chiefs-of-police.html</a>

AT&T.com Is Vulnerable, User Information Can Be Revealed

AT&T.com Is Vulnerable, User Information Can Be Revealed 

A serious security vulnerability has been found on AT&T.com -a leader in telecommunication services, including cell phones, wireless, U-verse, digital TV, high speed internet, DSL, home phone & so on. That vulnerability is allowing anyone to look up the phone numbers of AT&T subscribers, provided they have the subscriber’s email address. The issue involves a form on AT&T’s site where a subscriber can input their email address in order to recover their forgotten AT&T User ID. Except instead of simply emailing the User ID to the email address provided, the following page reveals the wireless phone number associated with that account. A security consulting company named Errata Security reported about this vulnerability. Later the vulnerability has been patched. The problem was first unveiled late Friday night in a posting on Reddit. According to the comments there, some Reddit users have already created working scripts that return a list emails followed by the associated wireless phone number. But the vulnerability seems to be hit or miss, in terms of whether or not it reveals the complete number or any number at all. It doesn’t appear to work for Business Accounts, one commenter noted, but in another case, it worked for someone who wasn’t even an AT&T subscriber anymore.

To see if the hack works for you, visit https://www.att.com/olam/enterEmailForgotId.myworld, enter in an email address, click next, and see if a phone number is returned.

For what it’s worth, it didn’t work for me (an AT&T subscriber), but that may be because it doesn’t seem to work for those who have already established AT&T User ID’s, as I have. At the very least, that should protect some of the potentially affected AT&T subscriber base from having their personal information revealed.

According to AT&T spokesperson:- “We are dedicated to protecting our customer’s personal information. While the function was intended to help improve customer experience, we have removed it from our site to prevent misuse.”

-Source (Tech Crunch & Errata Security)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">AT&T.com Is Vulnerable, User Information Can Be Revealed"https://www.voiceofgreyhat.com/2012/02/at-is-vulnerable-user-information-can.html</a>