This Cyber Security Lab has been optimally designed to tackle the challenges of Cyber Security in a comprehensive and multidisciplinary way. TNO’s CSL offers highly promising cyber-innovation projects not only its existing expertise but also the technical facilities and a safe working environment.
Archive for the ‘Network Security’ Category
Italian Anonymous Members Were IT Professionals Who Offered Their Services To Their Victims. They Also Ratted Out 30 Fellow HackersPosted: 2013/05/19 in Cybercrime, Education / Awareness, Enforcement, Network Security, Privacy / Data Protection, Public Policy, Stats / reports
Pirates and black hats both cowards when AFK. 4 Italian Anonymous members have been arrested after 10 homes were raided. 6 others under investigation
Dutch language news article:
It’s about the devices, not the content…
Security researchers from Trend Micro have uncovered an active cyberespionage operation that so far has compromised computers belonging to government ministries, technology companies, media outlets, academic research institutions and nongovernmental organizations from more than 100 countries.
The operation, which Trend Micro has dubbed SafeNet, targets potential victims using spear phishing emails with malicious attachments. The company’s researchers have investigated the operation and published a research paper with their findings Friday.
Four Anonymous/Lulzsec hackers handed jail sentences: 20 months suspended, 24 months, 30 months and even 32 monthsPosted: 2013/05/16 in Cybercrime, Education / Awareness, Enforcement, Jurisprudence, Litigation, Network Security, Organized Crime, Privacy / Data Protection, Public Policy, Stats / reports
Convicts: Ryan Cleary, Jake Davis, Mustafa al-Bassam and Ryan Ackroyd
Targets included the CIA, the U.S. Air Force, Sony Pictures, games maker EA, News International and the UK’s Serious Organised Crime Agency
- hacking into the US Air Force’s computers and possession of indecent images of babies and children;
- possession of images showing child abuse;
- stealing emails, credit card details and passwords from their targets’ computer servers and crashing victims’ websites with distributed denial of service (DDoS) attacks;
- providing the software to carry out attacks and posting stolen data online;
- stealing data from Sony;
- redirecting visitors trying to visit the Sun newspaper’s site to a fake story about News Corp chairman Rupert Murdoch committing suicide;
- an unauthorised act to impair the operation of a computer;
- hacking and launching cyber-attacks against organisations including the CIA and Soca.
Britain’s biggest businesses are draughting up cyber-security apprenticeships to train the online samurais of the futurePosted: 2013/05/16 in Cybercrime, Education / Awareness, Enforcement, Network Security, New Business Models, Privacy / Data Protection, Stats / reports
Organizer of International Securities Fraud Ring Sentenced to Prison for Using Hackers to Falsely Inflate Stock PricesPosted: 2013/05/15 in Cybercrime, Education / Awareness, Enforcement, Network Security, Public Policy, Stats / reports
Just the other day, the New York Post outed Bloomberg reporters for monitoring Bloomberg terminals to track Wall Street traders’ accounts. Now, the Financial Times has pointed out another egregious but unrelated security problem: apparently more than ten thousand confidential terminal records have been on the Internet—searchable by Google—probably for years.
Bloomberg has blocked its journalists from eavesdropping on users of its financial data terminals after it emerged that reporters were obtaining stories through their snooping.
Financial services firms, including merchant banks, pay about $20,000 a year to rent each Bloomberg terminal. Thousands of traders in stock exchanges around the world use the terminals to obtain real-time data from multiple financial markets, as well as access to news and instant messaging features.
CNN reports that a Bloomberg reporter asked a Goldman executive if a partner at the bank had recently left, after noting that the partner hadn’t logged into his Bloomberg terminal in some time. Goldman insiders later discovered that journalists at Bloomberg could access login records for Bloomberg’s proprietary terminals, as well as seeing how many times individual users had used particular functions.
Surreptitious access to the terminals had been possible for years, as a hangover from the 1990s when Bloomberg’s reporters also formed part of its sales operation.
A West Side man suspected of helping crash Sony’s online game servers worldwide in 2008 will spend a year on house arrest. But not for the hacking.
Instead, Todd M. Miller, 23, was sentenced yesterday in federal court for obstructing a federal investigation because he smashed his computers, halting an FBI investigation into his hacking. U.S. District Judge Peter C. Economus said Miller was part of the KCUF clan, a group of hackers who organized an attack on Sony’s computer servers in San Diego in 2008 and beyond. After the FBI interviewed Miller in 2011, they returned with a search warrant and found that his hard drives were missing and he had smashed his computers.
Without the computers, the FBI did not have enough evidence to pursue hacking charges against Miller and another unnamed Columbus man, according to court records. Miller, who has a ninth-grade education, told the judge that he was “immature and ignorant and caught up with the wrong people at the wrong time” when he destroyed the computers. He said he has learned his lesson.
“You will not see me again,” he told Economus.
The judge also sentenced him to three years probation and ordered him to get his high-school equivalence certificate. Miller could have been sentenced to 20 years in prison and fined $250,000. Economus told Miller he could “see no purpose in sentencing you to prison” because Miller has a full-time job and some stability in his life after a tumultuous childhood.
Google And Apple Can Access Or Provide Access To Data Stored On Your Encrypted Google Or Apple DevicePosted: 2013/05/10 in Education / Awareness, Enforcement, Google, Network Security, Privacy / Data Protection, Public Policy, Stats / reports
5.5 million domain names allegedly at risk. Name.com and Melbourne IT have stepped forward to confirm security breachPosted: 2013/05/09 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Stats / reports
Dutch Professor And Cyber Expert Jaap Van Till: Dutch Government Is In Denial About Cyber Security Risks. Noobs Should GO AND PLAY GOLF!Posted: 2013/05/08 in Cybercrime, Education / Awareness, Enforcement, Network Security, New Business Models, Organized Crime, Privacy / Data Protection, Public Policy, Stats / reports, Tech Evolution
- The Dutch government does NOT take cyber security risks seriously;
- Politicians and officials are denying and ignoring the problems;
Professor Van Till states:
“It’s incredible that there are still so many people in high places that have absolutely no clue about networks”
“People don’t need to have knowledge about everything. But they do need more knowledge than they currently have. And otherwise they should go and play golf or something.”
In addition to those embarrassing observations, CEO Ronald Prins of Fox-IT stated: “The Netherlands is lacking direction on a high level. People are only learning on the basis of security incidents.”
He also argued that the Dutch government will only take action after the fact. The country is lacking a mechanism for proactive and preventative action…
Dutch language news article:
When Authorities Discover That Pirates Can Be Hackers Too And Vice Versa…And Have Hell’s Angels For FriendsPosted: 2013/05/04 in Cybercrime, Education / Awareness, Enforcement, Network Security, Organized Crime, Privacy / Data Protection, Public Policy, Stats / reports
People with computer skills can engage in all sorts of legal and illegal activities on behalf of all sorts of “friends”. Cyber criminals are always looking for a variety of opportunities while enforcement authorities leave it to the “illegal act” and related section(s) in the national penal code to decide whether or not they will act against cyber criminals (and their “associates”)…
In November “MG” was interrogated again but refused to have a lawyer present. After being shown chatlogs he told his interrogators that “tLt” was Gottfrid Svartholm.
Evidence also gathered from MG included forensics on his cellphone which revealed tools for cracking WiFi networks. Text documents within them contained the exact same login credentials used to access Logica’s servers. The same data was found on his Ubuntu One cloud storage account. MG later went on to admit that he had used the name “diROX” online.
MG denied that he’d downloaded any data through the tax intrusions but admitted carrying out queries on his friends. The interrogator asked ‘MG’ if those friends are members of the “Hells Angels” – MG said that was possible.
What followed next was an exchange where MG implied he was scared for his safety so couldn’t say anything more. His interrogators suggested things were still going to look bad for him with his ‘friends’ whether he cooperated or not. MG’s lawyer stepped in and put an end to the approach.
Gottfrid also admitted to owning two computers, a desktop and a Macbook, that were found in his Cambodia apartment. He said the computers were used as servers, not by him personally, and were accessed via the Internet by individuals he admitted knowing and meeting.
“These people then, who have accessed [the servers]. Do you want to say something about them?” the interrogator asked.
Gottfrid responded “No…[..] because I fear for my own life.”
Don’t forget, some of them will be able to activate the microphone too…
Or did you really believe that the existing ‘tag your friends’ and ‘security questions’ schemes were only about enabling you to regain access to the social network? Wake up…it’s all about making you disclose the purest and most truthful levels of information…
Poor security practice and misjudgement allowed the hackers to siphon off terabytes of data, potentially compromising national securityPosted: 2013/05/02 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Public Policy, Stats / reports
Britain’s businesses are being left vulnerable to crippling cyber attacks due to a severe lack of security skillsPosted: 2013/04/30 in Cybercrime, Education / Awareness, Network Security, Privacy / Data Protection, Stats / reports, Tech Evolution
Pirate Bay co-founder Gottfrid Svartholm Warg denies charges. Says that evidence against him was plantedPosted: 2013/04/30 in Copyright, Cybercrime, Education / Awareness, Enforcement, File Sharing, Illegal File Sharing, Litigation, Network Security, Organized Crime, Privacy / Data Protection, Public Policy, Stats / reports, Tech Evolution
Much of the prosecution’s evidence was obtained from a computer seized from Gottfrid. The Pirate Bay co-founder says that the information was placed there via the Internet but he won’t name the culprit out of fear of reprisals.