Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA

Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA & Other Govt Agencies 

Last month a untold and sensational story came to light, when the whistle blowers Edward Snowden unveiled one of the top secret program of NSA called called “Muscular” Former NSA contractor Snowden himself disclosed that the National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world in order to collect and snoop the private data of millions of internet users. NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. Both Yahoo & Google said that they had never gave access to nay Govt agency to their data centers. Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.” Google’s chief legal officer, David Drummond said “We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” 

But the matter of fact is that NSA has indeed sniffed the personal & private communication of million internet users of tech giants like Yahoo and Google. To get rid of this kind of privacy breach, now the tech giants who hold the personal record and credential of mass, are tightening and enhancing their existing security system. According to Marissa Mayer, CEO of Yahoo "We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it." Yahoo also says it will encrypt all information moving between its data centers by the end of the first quarter, and it will work on getting international partners to enable HTTPS encryption in Yahoo-branded Mail services.Yahoo says it will give users an option to encrypt all data flow to and from Yahoo. "Yahoo has never given access to our data centers to the NSA or to any other government agency ever. There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014." added Marissa Mayer.

Not only Yahoo, but the social networking giant Twitter, who have registered users of almost 550 million with an active user of 250 million across the globe has also taken immediate steps after this breathtaking story of spying by NSA get the spot light. Twitter is implementing new security measures that should make it much more difficult for anyone to eavesdrop on communications between its servers and users. The entire security mechanism has been taken to tighten the data privacy of its users. According to a blog post of twitter the company has implemented "perfect forward secrecy" on its Web and mobile platforms, which made eavesdropping almost impossible. "As part of our continuing effort to keep our users’ information as secure as possible, we’re happy to announce that we recently enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic." -said the blog post.

While talking about Muscular program of NSA, we would also like to remind you that couple weeks ago we came to know about 'Royal Concierge' another secret program of GCHQ & NSA to spy foreign diplomats through hotel bookings uncovered by Edward Snowden.

-Source (CIO & PC World) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA"https://www.voiceofgreyhat.com/2013/11/twitter-yahoo-tightening-security-2stop-eavesdropping.html</a>

MultiObfuscator (Cryptography Software)

MultiObfuscator is a professional cryptography tool, with unique features you won’t find among any other free or commercial software. MultiObfuscator is 100% free and suitable for highly sensitive data storage and transmission.
MultiObfuscator is a free program for Windows that uses multiple security layers to protect data from third party access. In particular, the program uses a three layered approach that combines cryptography with data scrambling and based whitening. Users can furthermore use deniable cryptography to use less important data as a decoy in case someone’s forcing them to decrypt the data.
Interesting thing is MultiObfuscator is portable no need for installation or any sign that system is using any cryptography tool.

Features of MultiObfuscator:-

• HW seeded random number generator (CSPRNG)
• Deniable cryptography
• Up to 256Mb of secret file (binary mode)
• Up to 256Kb of secret text (text/email mode)
• Whitening selection level
• Modern multi-cryptography (16 algorithms)
• Multi-layered data obfuscation (4 passwords)
• X-square cryptanalysis resistance

To download MultiObfuscator click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">MultiObfuscator (Cryptography Software)"https://www.voiceofgreyhat.com/2011/09/multiobfuscator-cryptography-software.html</a>

Out of four one online criminal are the informer of FBI

One in four computer hackers is secretly working for the FBI and U.S. secret service to inform on their peers, it has been claimed. By threatening long prison sentences, officers have managed successfully to infiltrate communities of the online criminals, recruiting a huge number of informants.
The moles, who are already embedded deep inside the hacking community, are then reporting back to the FBI about large-scale identity fraud in an attempt to earn themselves softer sentences. Some major illegal forums where hackers sell stolen credit card details and forged identities are even being run by the FBI moles, it has been claimed. The management of other sites have been taken over by FBI agents posing as ID theft specialists, or 'carders', where they can use the intelligence to land genuine hackers with lengthy jail sentences. It is thought their work has already managed to put dozens of online criminals in jail - leaving the underground hacking world riddled with paranoia about infiltration. Eric Corley, who publishes 2600, the hacker quarterly, told the Guardian that as many as a quarter of all hackers in the U.S. may have been recruited by authorities as moles. 'Owing to the harsh penalties involved and the relative inexperience with the law that many hackers have, they are rather susceptible to intimidation, he said.
John Young, who runs Cryptome, a website similar to WikiLeaks that attempts to publish secret documents, added: 'It makes for very tense relationships. There are dozens and dozens of hackers who have been shopped by people they thought they trusted.' Among many convictions is the extremely high-profile case of Bradley Manning, who is being held on suspicion of passing on documents to WikiLeaks.
He was shopped to authorities by Adrian Lamo, a convicted hacker turned informant.
Lamo, who is viewed in online communities as a 'Judas' and has been called 'the world's most hated hacker', has said: 'Obviously it's been much worse for him but it's certainly been no picnic for me. He followed his conscience, and I followed mine.
Barrett Brown, a spokesman for the 'hacktivist' group Anonymous, told the Guardian: 'The FBI are always there. They are always watching, always in the chatrooms. You don't know who is an informant and who isn't, and to that extent you are vulnerable.'
Kevin Poulsen, senior editor at Wired magazine, added: 'We have already begun to see Anonymous members attack each other and out each other's IP addresses.
'That's the first step towards being susceptible to the FBI.'

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Out of four one online criminal are the informer of FBI"https://www.voiceofgreyhat.com/2011/06/out-of-four-one-online-criminal-are.html</a>

White House Orderd to Issue New Cyber Security Policies

The White House will issue Friday an executive order on computer security to prevent breaches of the sort that occurred with the release last year of hundreds of thousands of classified documents to the Web site WikiLeaks.
The order, coinciding with National Cybersecurity Month, replaces an outdated policy predating the Obama administration and caps a seven-month review of procedures for handling classified information.
The order directs agencies to designate a senior official to oversee classified information sharing and safeguarding for the agency and enshrines a number of measures the Pentagon and other agencies have announced, including the Pentagon’s disabling the “write” capability on most computers in the military’s secret-level classified network to prevent downloading classified data onto removable drives.
“Our nation’s security requires classified information to be shared immediately with authorized users around the world, but also requires sophisticated and vigilant means to ensure it is shared securely,” Obama’s order said.
The order, first reported by the New York Times on Thursday night, also creates an interagency task force headed by the attorney general and the director of national intelligence to detect and prevent leaks from government employees  what is known as the “insider threat.”
It also calls for a Senior Information Sharing and Safeguarding Steering Committee with responsibility for coordinating interagency efforts and ensuring that agencies are held accountable for carrying out the policies and standards.

The White House notes that agencies have made “significant progress” in shoring up security. The Pentagon, for instance, has begun to issue smart cards with special identity credentials required to log onto the secret-level classified network. The cards allow holders access to only those portions of the network that contain information relevant to their jobs.
The Pentagon is also piloting insider-threat technology developed by the National Security Agency and is developing an information-technology audit to identify suspicious behavior on all Department of Defense systems.

-News Source (Washington Post)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">White House Orderd to Issue New Cyber Security Policies"https://www.voiceofgreyhat.com/2011/10/white-house-orderd-to-issue-new-cyber.html</a>

Cyber Security Summit Hosted By Department of Homeland Security (DHS)

Cyber Security Summit Hosted By Department of Homeland Security (DHS) 

As part of the national Stop.Think.Connect campaign against cyber threats to computers in the private and public sector, the city of Mesa and the Department of Homeland Security are hosting a cyber security summit at the Mesa Arts Center on Wednesday, Sept. 26. The mayor of Mesa said on Wednesday that interest in the summit is growing, and that there also will be numerous representatives of government from throughout the state and a member of the Secret Service attending the event.  Kelvin Coleman, U.S. Department of Homeland Security director of state, local, tribal and territorial cyber engagement, will be the keynote speaker. Mesa Mayor Scott Smith and District 3 councilman and Mesa Public Safety Committee chair Dennis Kavanaugh also will offer comments and help to facilitate questions during the event. “We use computers every day,” Smith said. “We don’t know how important computers are until they’re breached.”

-:Agenda & Other Details:- 

Date: September 26, 2012

Venue:- Mesa Contemporary Arts - Brown Sculpture Courtyard

1 E. Main Street
Mesa, AZ  85201 

7:30 a.m. Registration & Continental Breakfast sponsored by Siemens

8:30 a.m. Welcome and Opening Remarks

• Mayor Scott Smith
• Councilmember Dennis Kavanaugh

9:00 a.m. Keynote Address

• Mr. Kelvin Coleman, Director, State, Local, Tribal and Territorial Cybersecurity Engagement Program DHS National Cyber Security Division

9:30 a.m. Convenience vs. Security Expert Panel

Current Threats in an increasingly Networked World Panelist Bios

John Meza (Moderator), Assistant Chief, Mesa Police Department

James Choplin, Special Agent, Electronic Crimes Task Force, U.S. Secret Service

Dr. Dee H. Andrews, Ph.D. Senior Research Psychologist, Army Research Institute for the Behavioral and Social Sciences

Kristy Westphal, Director of Security Operation, T-Systems North America

Lonnie Benavides, Red Team Lead, The Boeing Company

Ilene Klein, City of Phoenix Office of Information Security and Privacy

Bill Kalaf, Executive Director - Intelligence-Led Policing, Mesa Police Department

 

During this session, the panel will outline and discuss many of the current threats affecting businesses, local government, users, such as social engineering, security of mobile devices and many of the trending applications on smart phones and PCs.

   

10:30 a.m. Networking Break

   

10:45 a.m. Closing Remarks

• Mayor Scott Smith

11:15 a.m. Adjournment

   

11:30 a.m. Post CyberSecurity Summit Break Out Session:  Methods for training supervisors to detect behavioral indicators of insider threat

Dr. Dee H. Andrews 

Senior Research Psychologist , U.S. Army Research Institute for the Behavioral and Social Sciences 

During this session, participants will get an overview of methods in training supervisors to spot and mitigate the cyber insider threat.  Statistics reveal that approximately 40% of the cyber incidents are caused by insiders.  

If you want to register for the U.S. Department of Homeland Security Cyber Security Summit then click Here. For additional information about Stop.Think.Connect. click Here

-Source (mesaaz.gov)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Cyber Security Summit Hosted By Department of Homeland Security (DHS)"https://www.voiceofgreyhat.com/2012/09/Cyber-Security-Summit-Hosted-By-DHS.html</a>

FBI Used LulzSec To Track & Spy on Wikileaks Founder Julian Assange

FBI Used LulzSec To Track & Spy on Wikileaks Founder Julian Assange

After the inside story of Anonymous former leader Hector Xavier Monsegur aka "Sabu" case get revealed, the world came to know that Sabu was working as an under cover agent of FBI which lead a series of arrest for several key members of hacker collective Anonymous & LulzSec. Now we got another twist which came from a new book written by Parmy Olson, the London bureau chief for Forbes Magazine, saying that FBI used an agent inside the LulzSec hacker group to track and spy on Wikileaks founder Julian Assange. According to the book, an associate of WikiLeaks contacted LulzSec spokesman Topiary on June 16 hours after the assault on the CIA. The two would eventually converse over an Internet Relay Chat channel that was reported to be witnessed by Assange, who confirmed his identity by providing a video to the hacker in real time during their chat. For a few weeks, writes Olson, Assange and/or his associate returned to the LulzSec IRC channel “four or five more times,” during which others occasionally engaged in conversation with both sides. During at least one of those conversations, Assange’s contact at WikiLeaks offered LulzSec a spreadsheet of classified government data contained in a file named RSA 128, which she says was heavily encrypted and needed the manpower of black hat hacktivists to decode.

According to an exclusive report of RT - Aside from a few unsealed court documents, details about the now-defunct hacktivism group LulzSec remains few and far between. One journalist is saying she got inside the organization though — along with Julian Assange.
“We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency” is an upcoming book from Parmy Olson, the London bureau chief for Forbes Magazine. And although her alleged account has not yet hit the shelves, a lengthy excerpt has been leaked to the Web — and its contents suggest that that the world’s once most powerful hacking collective was in correspondence with WikiLeaks founder Julian Assange after he allegedly reached out to the organization for assistance. The US government says that they had already infiltrated LulzSec by then, though, meaning that WikiLeak’s plea to the hacking collective was actually being offered to an FBI mole.
According to Olson, the June 2011 attack on the public website of the US Central Intelligence Agency by LulzSec caught the attention of Assange, who was residing in the countryside manor of an English journalist while on house arrest.Once he saw that a LulzSec-led invasion had crippled CIA.gov, Assange allegedly sent out two tweets from the WikiLeaks Twitter account, only to delete the micomessages shortly after:
"WikiLeaks supporters, LulzSec, take down CIA . . . who has a task force into WikiLeaks," read one."CIA finally learns the real meaning of WTF” reads the other.
Assange “didn't want to be publicly associated with what were clearly black hat hackers” writes Olson, speaking of computer compromisers who target network for perhaps no real intention other than mischief making. “Instead, he decided it was time to quietly reach out to the audacious new group that was grabbing the spotlight,” she says. Olson says that one of those hackers aware the newfangled relationship was Hector Xavier Monsegur, who spearheaded LulzSec by serving as a leader of sorts under the handle Sabu. Perhaps unbeknownst to all engaged in the IRC chats, however, was that Sabu had been arrested on June 7 and, according to the federal government, began immediately working as an FBI informant.
"Since literally the day he was arrested, the defendant has been cooperating with the government proactively," Assistant US Attorney James Pastore said at a secret bail hearing on August 5 2011, according to a transcript released this March after his arrest was made public.
While details of Sabu’s escapades under the direct influence of the FBI are obviously being kept confidential, federal attorneys have said that the hacker more or less masterminded the group under their command until LulzSec dissolved on June 25; Jake Davis — Topiary — was arrested in the UK on August 1. If Olson’s allegations add up, that could mean that the FBI’s top-secret informant, Sabu, was speaking directly with America’s cyber-enemy number one: Julian Assange.
On Wednesday this week, the UK Supreme Court agreed to extradite Assange to Sweden, where he is facing a lawsuit unrelated to his involvement with WikiLeaks. Once there, however, the United States may be able to more easily fight to have him sent stateside to be charged with aiding the enemy — the crime being pegged to alleged WikiLeaks contributor Bradley Manning, who now faces life in prison for that involvement. The uncertainty of who exactly conversed with whom might be near impossible to confirm given the widespread anonymity of hacktivists tied with LulzSec and Anonymous alike, but if Olson’s account adds up, the FBI’s inside man may very well have come close to working with Assange. On his part, Topiary claims that he never received the RSA 128 file.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">FBI Used LulzSec To Track & Spy on Wikileaks Founder Julian Assange"https://www.voiceofgreyhat.com/2012/06/fbi-used-lulzsec-to-track-spy-on.html</a>

WikiLeaks Releases 'Detainee Policies' The Dark History of U.S. Post-9/11 Military Prisoners

WikiLeaks Releases 'Detainee Policies' The Dark History of U.S. Post-9/11 Military Prisoners 

The WikiLeaks website began publishing the 'Detainee Policies' on Thursday what it said more than 100 classified or otherwise restricted files from the United States Department of Defense covering the rules and procedures for detainees in U.S. military custody. “The Detainee Policies,” a collection of more than a hundred once-secret files outlining America’s military detainee practices from Guantanamo to Iraq since 2002. WikiLeaks says it plans to release the files in chronological order to paint a picture of the evolution of America’s military detainee practices since September 11th in prisons from Guantanamo to Iraq to Europe. Unlike other recent releases, with the Detainee Policies WikiLeaks seems to be focusing on history more than news: Its first release is the 2002 Guantanamo Camp Delta standard operating procedure manual, a kind of prequel to the 2003 and 2004 manuals from camp it’s already published in past years. Other documents in the collection, WikiLeaks says, will show American attempts to “disappear” detainees by delaying the process of entering them into the detainment system’s records, or detail psychological torture methods. According to WikiLeaks official site - "Over the next month, WikiLeaks will release in chronological order the United States’ military detention policies followed for more than a decade. The documents include the Standard Operating Procedures (SOPs) of detention camps in Iraq and Cuba, interrogation manuals and Fragmentary Orders (FRAGOs) of changes to detainee policies and procedures. A number of the ’Detainee Policies’ relate to Camp Bucca in Iraq, but there are also Department of Defense-wide policies and documents relating to Abu Ghraib, Guantanamo Bay and European U.S. Army Prison facilities." 

According to the press release of WikiLeaks :-  The previously unpublished 2002 manual went on to shape successive years in the Guantanamo Bay prison complex and other U.S. military prisons around the world, such as Abu Ghraib. "This document is of significant historical importance. Guantanamo Bay has become the symbol for systematised human rights abuse in the West with good reason," said WikiLeaks founder Julian Assange. "But how is it that WikiLeaks has now published three years of Guantanamo Bay operating procedures, but the rest of the world’s press combined has published none?"

In relation to Iraq, the release includes Operation Orders (OPORD) regarding policies for screening and interrogating detainees. The documents also include routine instructions relating to staffing, scheduling of legal visitation, procedures for administering medical treatment, how medical records and daily staff journals are to be kept, cigarette rationing and what items are "authorised for detainee possession".

A number of what can only be described as ’policies of unaccountability’ will also be released. One such document is the 2005 document ’Policy on Assigning Detainee Internment Serial Numbers’. This document is concerned with discreetly ’disappearing’ detainees into the custody of other U.S. government agencies while keeping their names out of U.S. military central records – by systematically holding off from assigning a prisoner record number (ISN). Even references to this document are classified "SECRET//NOFORN". Detainees may be disposed of in this manner without leaving a significant paper trail.

Another formal policy of unaccountability is a 2008 Fragmentary Order that minimises the record-keeping surrounding interrogations. Following revelations of torture tapes and pictures from Abu Ghraib and the political scandal over the destruction of Central Intelligence Agency interrogation tapes, the FRAGO eliminates "the requirement to record interrogation sessions at Theatre Internment Facilities". Although the FRAGO goes on to state that interrogations that take place at Division Internment Facilities and Brigade Internment Facilities must be recorded, it then states that these should be "purged within 30 days". This policy was subsequently reversed by the new Obama administration.

WikiLeaks founder Julian Assange said: "The ’Detainee Policies’ show the anatomy of the beast that is post-9/11 detention, the carving out of a dark space where law and rights do not apply, where persons can be detained without a trace at the convenience of the U.S. Department of Defense. It shows the excesses of the early days of war against an unknown ’enemy’ and how these policies matured and evolved, ultimately deriving into the permanent state of exception that the United States now finds itself in, a decade later."

A number of documents relate to the policies surrounding the interrogation of detainees (2004, 2005, 2008). Direct physical violence is prohibited, in writing, but a formal policy of terrorising detainees during interrogations, combined with a policy of destroying interrogation recordings, has led to abuse and impunity. We learn of policies that apply to international forces: a 13-page interrogation policy document from 2005 relates to all personnel in the Multi-National Force–Iraq (MNF–I). It details "approved" "interrogation approaches". The documents detail the promotion of exploitative techniques such as the "Emotional Love Approach: Playing on the love a detained person has for family, homeland or comrades". In the "Fear Up (Harsh)" approach, by contrast, "the interrogator behaves in an overpowering manner with a loud and threatening voice in order to convince the source he does indeed have something to fear; that he has no option but to co-operate".

The ’Detainee Policies’ provide a more complete understanding of the instructions given to captors as well as the ’rights’ afforded to detainees. We call upon lawyers, NGOs, human rights activists and the public to mine the ’Detainee Policies’ and investigate important issues such as the denial of access to the ICRC (International Committee of the Red Cross) to detainee facilities, as well as to research and compare the different generations of SOPs and FRAGOs to help us better understand the evolution in these policies and why they have occurred. Publicise your findings using the hashtag #WLfindDP

Here we want to give you reminder that earlier in this year we got several leaks from WikiLeaks, among them -SpyFiles, GI Files (Global Intelligence Files & Five Million E-mails From Stratfor) & The Syria Files Containing 2.5 Million Emails of Syrian Politicians, Govt, Ministries & Companies.  

For detailed information & to download to latest release by WikiLeaks on 'Detainee Policies' Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">WikiLeaks Releases 'Detainee Policies' The Dark History of U.S. Post-9/11 Military Prisoners"https://www.voiceofgreyhat.com/2012/10/WikiLeaks-Releases-Detainee-Policies.html</a>

Indian army officer's ( ISI Major) email hacked

A serving Inter-Services Intelligence (ISI) officer Major Sameer Ali hacked an Indian Army major's e-mail account in 2010 and extracted many sensitive documents, intelligence sources said. Ali has been named by India in the list of 50 'most wanted' terrorists sheltered by Pakistan for involvement 
in the Mumbai attacks conspiracy,The news of the hacking was given to Indian probe agencies by the FBI, which was then interrogating Mumbai attack accused David Coleman Headley.  The US agency told the CBI Ali had been accessing an Indian Army officer's rediffmail account from the ISI headquarters.
The hacked account was traced to Major Shantanu De of 21 Bihar Regiment, who was at that time posted in the Andamans. De's computer was seized and scrutinised jointly by the Intelligence Bureau, National Investigation Agency and the Military Intelligence.
What was baffling was that his computer and e-mail had more than 4,000 sensitive documents - some of them marked 'secret' and 'top secret'-which he was not supposed to be in possession of, leading to suspicions of espionage on part of Major De.

While the joint investigation cleared De, it came to light how an innocuous posting of his own photograph in uniform in the social networking site Orkut with his various details made him the ISI's target.
He had collected the documents out of interest and also to prepare for his departmental exams that were slated for September 2010.
De has since been demoted after being held guilty of violating the Army's Standard Operating Procedures on cyber security.
Another of Ali's colleague in the ISI, Major Iqbal, who also figures in India's "most wanted" list, was Headley's handler for the ISI.
On April 26, a US court had also chargesheeted Major Iqbal for conspiracy in the 2008 Mumbai terror strike. Iqbal's role has also been confirmed by Headley during his confessions.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Indian army officer's ( ISI Major) email hacked"https://www.voiceofgreyhat.com/2011/05/indian-army-officers-isi-major-email.html</a>

British Spy Agency GCHQ Performed DDoS Attack Against Anonymous -Snowden Documents Transpired

British Spy Agency GCHQ Performed DDoS Attack Against Hacktivist Anonymous & LulzSec -Snowden Documents Transpired

While excavating the past, it was always found that cyber criminals, large hacker collective groups were the culprits for engaging voluminous denial of service attack. But this widely transfusing story get a one eighty degree reverse turn, when the former NSA contractor Edward Snowden revealed another trade secret. Recently a lurid story get spot lighted, as the whistle blower Snowden unfold yet another breathtaking stealthy  documents taken from the National Security Agency. The clandestine documents taken the mask from the so called good guys, unveiling British spy agency GCHQ had launched a secret war against the infamous hacktivist collective Anonymous and a splinter group known as LulzSec several years ago. Many of you guessed right, this was happened when Anonymous were targeting various UK companies and government websites. The documents disclose that GCHQ carried out seemingly illegal DDoS attacks against the collective, flooding their chatrooms with so much traffic that they would become inaccessible – and all with the approval of the British government. The revelations come less than a year after several LulzSec activists were jailed by a British court for carrying out similar DDoS attacks against targets including the CIA, the UK’s Serious Organized Crime Agency (SOCA), News International, Sony and the Westboro Baptist Church, among others. 

This sensational issue was made public by NBC News deferentially with the help of none other than Edward Snowden. In their exclusive report headed 'War on Anonymous: British Spies Attacked Hackers,' NBC said -The blunt instrument the spy unit used to target hackers, however, also interrupted the web communications of political dissidents who did not engage in any illegal hacking. It may also have shut down websites with no connection to Anonymous. According to the documents, a division of Government Communications Headquarters (GCHQ), the British counterpart of the NSA, shut down communications among Anonymous hacktivists by launching a “denial of service” (DDOS) attack – the same technique hackers use to take down bank, retail and government websites – making the British government the first Western government known to have conducted such an attack.

The documents, from a PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, show that the unit known as the Joint Threat Research Intelligence Group, or JTRIG, boasted of using the DDOS attack – which it dubbed Rolling Thunder -- and other techniques to scare away 80 percent of the users of Anonymous internet chat rooms. 

The existence of JTRIG has never been previously disclosed publicly. The documents also show that JTRIG infiltrated chat rooms known as IRCs and identified individual hackers who had taken confidential information from websites. In one case JTRIG helped send a hacktivist to prison for stealing data from PayPal, and in another it helped identify hacktivists who attacked government websites. 

As soon as this story getting all the spot lights, immediately the GCHQ responded to this saying all their movements and operations were lawful. “All of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.” -GCHQ said the press. To know more detail about this story, don't forget to stay tuned with VOGH. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">British Spy Agency GCHQ Performed DDoS Attack Against Anonymous -Snowden Documents Transpired"https://www.voiceofgreyhat.com/2014/02/gchq-ddos-hacktivist-anonymous.html</a>

Team Ghost Exposed Secrete Documents of DOD, NATO, NSA, Home Land Security & Many More

The team "Ghosts" uploaded a .Zip file containing files from Government, Military, DOD, NSA, Homeland security, NATO and many more organizations. The download itself contained 27 PDF Files, 13 Microsoft Word Files, 1 ppt File and a Text file.
The text file contains 130+ login details  for a website that had been infiltrated an hour beforehand.

www.Westdorset.org.uk

The download contained information such as forms, Top secret cover sheets and restricted and classified information about the organisation.

To download the secrete file uploaded by  Ghost click Here

Twitter Page of Team Ghost:- https://twitter.com/BlackHatGhosts
FB Page of Team Ghost:- http://www.facebook.com/TeamGhosts

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Team Ghost Exposed Secrete Documents of DOD, NATO, NSA, Home Land Security & Many More"https://www.voiceofgreyhat.com/2011/09/team-ghost-exposed-secrete-documents-of.html</a>

#OP maZYNGA: Anonymous Targeted Zynga, Leaked Confidential Documents & Games

#OP maZYNGA: Anonymous Targeted Zynga, Leaked Confidential Documents & Games

Infamous hacker collective Anonymous again vows to destroy the most popular social network Facebook and one of its associate along with one of the best place to play online games Zynga. The offensive has been  named Operation MaZynga or dubbed #OP MaZynga. According to a post on AnonNews forum, the hacker group threatened to to take Facebook down on November 5 and release Zynga games to the public on that day for free if Zynga doesn't stop its alleged plans for massive layoffs and offshoring of jobs. Anonymous says that it has obtained secret documents about Zynga's strategy which includes a "massive layoff of a thousand people." The hacker group is ticked off about the jobs. "With a billion dollars cash sitting in a bank we do believe that such actions are an insult to the population and the behaviour of corporations like Zynga must change," it said. Last week, Zynga reported that it has $1.6 billion in cash, equivalents and marketable securities and confirmed that it laid off 150 people. As for rumors of bigger layoffs, these have been circulating for a while.

#OP MaZynga. Press Release From Anonymous:- 

Transcript:-

"Zynga customers and Facebook users , We are anonymous . During the last few days anonymous has been targeting Zynga for the outrageous treatment of their employees and their actions against many developers. 

We have come to believe that this actions of Zynga will result in massive layoff of a thousand people and legal actions against everyone that speaks to the public about this plan.

It will also come to end of the US game market as we know it as all this jobs will be replaced in other more convenient financial countries.

With a billion dollars cash sitting in a bank we do believe that such actions are an insult to the population and the behaviour of corporations like Zynga must change.

Anonymous could not allow this to happen so it's starting to release confidential documents we have leaked on this plan

As we speak we are planning to release also all the games we've taken from their servers for free.

That being said we will stop the idea of the distribution of such games if Zynga will cease immediately the plan.

The leaked strategy of Zynga , transcript:

Following the preliminary announced of this week the final strategy for the next two quarters has been successfully set to delivery by november 23 an additional but of 800 jobs with further raising of new capital from the market to support businesses.

We've identified our global gambling strategy with bwin.party and as we speak discussions are progressing with a partner to cover the US market.

Work is focused and on-going to completely outsource our development teams in our offices in Bangalore , India to hedge our position in the long term.

We've identified key new products from third parties such as Lovers in a Dangerous Spacetime , Shove Prod and Music Invaders in which we are starting business contacts to buy these IP for transaction value of approximately 20 million.

We strongly believe we will conclude these deals this month and compete with this titles against mobile competitors with ease.

Our business continues to evolve and we must evolve with it. We operate in a exciting and challenging industry and I am very pleased that our senior leadership team continue to strengthen and develop with us." 

 ******

Here are the documents it mentions:-

http://www.multiupload.nl/DELBKM7I2I mazyngaop_docs.zip (36.41 MB)

http://www.multiupload.nl/WV48I345JM ANON_MA_ZYNGA.7z (412.59 MB)

Not that above files have already been removed for “copyright infringement”. Here we want yo give you reminder that in 2011 Anonymous openly declared to take down Facebook. The operation was dubbed #Op-Facebook and Anonymous told that they will hit FB on the 5th of November last year. But in reality it was just a threat and as expected Anonymous failed to execute Operation Facebook. This year also members of Anonymous vows to re-engage the same operation on the same day (November 5th) also known as Guy Fawkes Day, named for the English historical figure from which Anonymous derives inspiration. So far neither Facebook, nor Zynga responded this message of the hacker group, so lets wait till November 5th, and stay tuned with VOGH for all the latest update on this & also other stories on cyber security, hacking & infosec industry. 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">#OP maZYNGA: Anonymous Targeted Zynga, Leaked Confidential Documents & Games"https://www.voiceofgreyhat.com/2012/10/OPMaZynga-Anonymous-Targeted-Zynga.html</a>

KDE 4.8 Release Candidate With Secret Service Is Available

After the release of KDE 4.8 Beta 1 now the KDE developer released the first release candidate for its renewed Workspaces, Applications, and Development Platform. With API, dependency and feature freezes in place, the KDE team's focus is now on fixing bugs and further polishing new and old functionality. Compared to Beta1, RC1 contains hundreds of fixes.

Highlights of 4.8 :-

• Qt Quick in Plasma Workspaces -- Qt Quick is making its way into the Plasma Workspaces, the new Plasma Components provide a standardized API implementation of widgets with native Plasma Look and Feel. The device notifier widget has been ported to using these components and is now written in pure QML. KWin's window switcher is now also QML-based, paving the way for newly designed window switchers.
• Dolphin's file view has been rewritten for better performance, scalability and more attractive visual appearance.
• KSecretService optionally enables a shared password storage, therefore making your saved passwords available to many other applicatios, leading to a more secure system and better integration of non-KDE apps into the Plasma Workspaces and KDE apps into non-Plasma workspaces.
• Many performance improvements and bugfixes improve the overall user experience, making the KDE Applications and Workspaces more productive and fun to use than ever before.

To Download KDE 4.8 Release Candidate Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">KDE 4.8 Release Candidate With Secret Service Is Available"https://www.voiceofgreyhat.com/2011/12/kde-48-release-candidate-with-secret.html</a>

Fin Bank of Nigeria Hacked By Hitcher (Database Compromised)

Official website of Fin Bank of Nigeria Hacked and defaced by Pakistani hacker Hitcher. He also hacked into the Databse of the Bank and exposed lots of top secret documents.

Hacked Site:-
http://www.finbank.com.ng/newhitcher.html
Mirror Link:-
http://legend-h.org/mirror/224188/finbank.com.ng/newhitcher.html

To download the Hacked DB Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Fin Bank of Nigeria Hacked By Hitcher (Database Compromised)"https://www.voiceofgreyhat.com/2011/09/fin-bank-of-nigeria-hacked-by-hitcher.html</a>

Internet Criminals Targeting Smaller Companies

Last week Sony announced that its PlayStation Network fell victim to hackers. This was embarrassing for the company, worrisome for gamers and just proved that big companies remain targets. But last week Verizon also released its annual Data Breach Investigation and there was good news and bad news.

The good was that cyber criminals were far less successful in 2010, with the amount of data that was obtained or compromised falling dramatically last year. One reason cited is that law enforcement has begun to crack down on cyber crime, with one individual receiving a 20-year prison sentence last year. In total the Secret Service arrested more than 1,200 suspects last year for cyber crime violations.

So what’s the bad news? Instead of targeting large companies, it seems the new breed of cyber criminals is going after smaller companies that tend to be less well-guarded. According to reports, about 40 percent of the breaches were in the hospitality industry, 25 percent in retail and 22 percent in financial services.

Attacks against small business have been on the rise since 2008, and in according to a recent report from KnowBe4 in 2009 cyber criminals extracted nearly $400,000 from a Florida dentist’s account! Talk about a painful extraction.

But it was also a savvy style of attack, where Robert Thousand Jr. received thousands of calls to his business, home and mobile phones. These calls consisted of 30-second long recorded messages from a sex hotline – and these were done to keep Thousand’s phone lines tied up while cyber criminals made five transfers totaling $399,000 from a TD Ameritrade retirement account.

Cyber criminals also targeted lawyer Kimberly Graus, bypassing her anti-virus software to initiate $35,000 in wire transfers from a trust fund she managed. She was likely the victim of a phishing attempt, which installed malware that allowed hackers to capture her account passwords.

Both Graus and Thousand had virus protection in place, but today’s savvy hackers are finding inventive ways around it.

Part of the issue for small business is that identity theft is often a large component of the cyber crime. When fraud strikes it reportedly costs the average consumer $631 and take on average 130 hours to recover from identity theft

The good news is that help may be on the way. Last month President Barack Obama stated that he is looking to create an “identity ecosystem” that could include unique software that creates one-time digital passwords. This is part of the National Strategy for Trusted Identities in Cyberspace (NSTIC).

The most important thing to do is to always be on guard, and not to be the low hanging fruit for cyber crimina

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Internet Criminals Targeting Smaller Companies"https://www.voiceofgreyhat.com/2011/05/internet-criminals-targeting-smaller.html</a>

Executives underestimate cybercrime danger

These are boom times for stolen data. Be it the publication of secret diplomatic cables on Wikileaks, foreign intelligence services mining data from German government computers, or the case of Sony, which had to admit that information on millions of customers had been hacked, the incidence of sensitive data being stolen from protected networks is on the rise.
German business leaders are well aware of this phenomenon, according to consulting firm Ernst & Young, which surveyed 400 executives on the topic of economic espionage and data theft. Almost all the respondents said they were convinced that the problem would become even more serious in the future, especially in countries and regions such as Asia, China, eastern Europe, Russia and the US.
However, Ernst & Young found a remarkable contradiction in its poll. While 94 percent of those leaders surveyed talked about the growing danger of cybercrime, 38 percent said they thought the threat to their own firm was rather small.



Digital denial
One-half of those polled said the danger posed to their companies was only moderate, and only one in ten admitted that their firms had been victims of corporate espionage or data theft in the past three years.
"This is far removed from reality," said Stefan Heissner, a security expert at Ernst & Young. "Our experience tells us that every company faces this risk, not just large corporations."
He added that many executives do not take the risk seriously enough.
"All information today can be accessed in some way and those who don't accept that live with a sense of false security," he said.


In-house problem
Sometimes simple online searches and the collection of data from different sources, available to anyone with an Internet connection, can lead to the assembly of amazingly complete troves of sensitive information.
Getting hold of important information doesn't always involve a talented hacker or direct access to a data-rich computer and a USB stick. Sometimes human vanity is enough, according to Heissner.
"Just think of the amounts of know-how some people reveal in speeches at conferences or trade fairs," he said. "It's sometimes really dramatic."

However, the most dangerous risk for companies is not hackers from another continent - experience bears out – but disgruntled in-house workers. In two-thirds of data theft cases, companies say their own employees were the guilty parties.
In about half of those instances, monetary gain was the motive, although one-third involved taking revenge for some kind of slight, perceived or otherwise.
"A good defense against data theft is satisfied employees," said Heissner.


Antitrust issues
Computers in a company's administration department are most frequently targeted, even more often than those in research and development sections. According to Heissner, that is because a company's administration usually has to have an immense amount of information on its computer drives just to be able market its own products.
That means data theft from these machines often becomes an antitrust issue if the material taken is related to product launches or pricing.
"Some cases where antitrust authorities suspect price collusion among companies are in fact instances of data theft by competitors," Heisser said.



Lax security
Many firms struggle to establish effective countermeasures to prevent data theft. While most companies do have a basic system of firewalls and passwords in place, big holes often remain.
Only one in five companies forbid CD burners or USB ports on its computers, which are often used by data thieves absconding with precious data. Only about 18 percent of companies prohibit employees from accessing the Internet. And just 6 percent have installed so-called intrusion detection systems, which can alert system administrators when outside parties try to breach computer security walls.
In addition, only one in ten firms is certified according to standards set out by the Federal Office of Information Security (BSI), which investigates IT security risks and develops preventive security measures.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Executives underestimate cybercrime danger"https://www.voiceofgreyhat.com/2011/05/executives-underestimate-cybercrime.html</a>

SAMHAIN v2.8.4 is now available

The samhain open source host-based intrusion detection system (HIDS) provides file integritychecking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
It has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone application on a single host.


Difference between the previous version and the new one:-

• Some bugs have been fixed that under certain circumstances would cause samhain to hang or crash when reloading the configuration file.
• A compile error in the samhain_hide.ko kernel module has been fixed. However, it has been found that this module will not work anymore with recent kernels because of protection measures introduced in newer kernel.
• A contributed patch for samhainadmin.pl has been included (allows to specify the location of the secret keyring).
• The (l)stat timeout has been increased to fix spurious timeouts under heavy load.
• The Apache logfile parser has been enhanced to allow the insertion of arbitrary regexes into the format definition.
• New options PortcheckMinPort, PortcheckMaxPort allow to define the port range for the openports check (requested feature).

Download SAMHAIN v2.8.4 (samhain-current.tar.gz) here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">SAMHAIN v2.8.4 is now available"https://www.voiceofgreyhat.com/2011/05/samhain-v284-is-now-available.html</a>

The White House Official Facebook Page Hacked

Official Facebook page The White House defaced for a short time on Sunday, the tenth anniversary of the 9/11 terror attacks, with posts that appeared to be from Al-Qaeda, Taliban, or perhaps another terrorist organization.The posts came as authorities continue to exercise caution over what they called a "credible" threat against the United States, one that may involve attacks on infrastructure such as bridges or tunnels. The information provided by a source was scant, but indicated that three men would travel from Pakistan to the U.S. to carry out an attack.

The messages have been removed from the Facebook page, but one message, which featured an image of now dead 9/11 mastermind and Al-Qaeda leader Osama bin Laden, said, "We'll come back U.S.A. One day only 11/9/2011." Despite the format, the message refers to 9/11, using the day / month format used in other parts of the globe.

Another said, "We'll come to u white house sooooooooooon." A third said, "We'll come back 11/9/2011 to kill u all."

Secret Service spokesman Ed Donovan said that the agency had referred the messages to its Internet threat desk. 

-News Source (Examiner) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">The White House Official Facebook Page Hacked"https://www.voiceofgreyhat.com/2011/09/white-house-official-facebook-page.html</a>

ANC Youth League Hacked by ‘Warbird’

Hours after a South African newspaper revealed that the lavish lifestyle of ANC Youth League (ANC YL) president Julius Malema was being bankrolled by a secret trust fund, the organisation’s website has been hacked.
The hack takes the form of a banner across the top of the site and shows a laughing Malema with silhouetted masses gathered behind him. Alongside the picture is the text “HA HA HA I have a 16 Million Rand house [sic]And all of you don’t!!!”. Clicking on the banner directs users to a page of comments in support of the league’s controversial policy of nationalising South Africa’s mines.
The youth wing of South Africa’s ruling party has been beset by internet security issues in recent months. In March this year, a fake post was put on the page claiming that Malema was going to step down as president of the organisation.
At the time of writing, the league had not taken down the banner, nor had it commented on the hack.
The story which prompted the attack had, however, received some attention. A statement on the story suggests that the league views it as part of a series of “continued attempts by sections of the media and right wing political parties to divert attention of the ANC YL and South African society through spread of pathetic lies”.
Alongside hacks like the ones listed above, the ANC YL has a history of mishandling its own online presence.
The most infamous instance of this mishandling arose from its reaction to the existence of a fake Malema twitter account late last year. In an open letter, the league famously threatened to “closer (sic.) Twitter if its administrators are not able to administer reports for violation of basic human rights and integrity”.
In the aftermath of this statement, the number of fake Malema accounts kept growing until it was impossible to tell which, if any, belonged the real Julius Malema and which belonged to the original, fake Julius Malema .

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">ANC Youth League Hacked by ‘Warbird’"https://www.voiceofgreyhat.com/2011/07/anc-youth-league-hacked-by-warbird.html</a>