Two Alleged Members of Anonymous Cambodia Arrested

Eduard Kovacs


“A couple of 21-year-old students believed to be members of Anonymous Cambodia have been arrested. Local authorities collaborated with the FBI on the investigation.”


Cybercrime Made More Affordable – The Implications


“Before the end of the month, we will release a new paper in our Cybercriminal Underground Economy Series titled Russian Underground Revisited. This is a followup to our earlier paper Russian Underground 101; both papers examined the Russian Underground and looked at the goods and services being sold inside these underground communities.”


Verizon: Espionage hacking grows, with more from east Europe




“Hacking for espionage purposes is sharply increasing, with groups or national governments from Eastern Europe playing a growing role, according to one of the most comprehensive annual studies of computer intrusions.”


RedHack Hackers Target Aktif Bank over Controversial e-Ticketing System


Eduard Kovacs


“Members of the hacktivist collective RedHack claim to have breached into the systems of Aktif Bank (, Turkey’s largest privately owned investment bank. The attack comes just as the bank introduced a controversial e-ticketing system for soccer (football) fans.”


Mounties always get their man: Heartbleed 'hacker', 19, CUFFED


Shaun Nichols


“A teen suspected of exploiting the Heartbleed bug to rifle through Canada's tax computer systems has been arrested.”


Putin tells Snowden: Russia conducts no US-style mass surveillance


Neil McAllister


“Vladimir Putin has said that Russia has no mass telephone and internet surveillance programs to compare with those in the United States.”


The security software being used by Edward Snowden to evade NSA


Praveen Kashyap


“Everyone was shocked and mostly the NSA-When one of the NSA employee ‘Edward Snowden’ leaked the internal information to the public that US Govt. Spies on people of own country, as well as other country, but one thing also was unique that how Snowden bypassing his networks, that none of them able to stop distributing the leaks online or to media.


How to confirm your systems aren’t suffering a major Heartbleed


David Kelleher


“The Internet was rocked last week when a two-year-old bug in OpenSSL was revealed. Heartbleed, as the vulnerability is known, can result in massive information disclosure through simple requests that require no privileges, and leave no logs. Anything from command history to other users’ credentials to private keys can be exposed, and the aftershocks of this revelation will go on for months as SysAdmins try to patch their systems and data losses are reported. CVE 2014-0160 details the vulnerability."


Akamai Withdraws Proposed Heartbleed Patch


Mathew J. Schwartz


“As researchers demonstrate OpenSSL bug exploits that retrieve private keys, Akamai rescinds a patch suggestion for the SSL/TLS library after a security researcher punches holes in it.”


Heartbleed: Android Phones Still at Risk for Data Breach


Justin Bachman


“The Internet security world mobilized to tackle the Heartbleed software bug. But although most of the holes have been patched, a big one remains: Millions of smartphones still operate on Android version 4.1.1, which remains vulnerable to hackers exploiting a design flaw in the bedrock encryption software OpenSSL. It’s a good time to check what your phone is running.”


First sites admit data loss through Heartbleed attacks


Martyn Williams


“Canada's tax authority and a popular British parenting website both lost user data after attackers exploited the Heartbleed SSL vulnerability, they said Monday.”



New Snowden Leak Reports ‘Groundbreaking’ NSA Crypto-Cracking

Kevin Poulsen


“The latest published leak from NSA whistleblower Edward Snowden lays bare classified details of the U.S. government’s $52.6 billion intelligence budget, and makes the first reference in any of the Snowden documents to a “groundbreaking” U.S. encryption-breaking effort targeted squarely at internet traffic.”


Major DDoS attacks .cn domain; disrupts Internet in China


Michael Kan


“China's Internet was hit with a major distributed denial of service (DDoS) attack Sunday morning that briefly disrupted and slowed access to sites in the .cn domain. The DDoS attack was the largest in history against the domain servers for China's .cn ccTLD (country code top level domain), according to the China Internet Network Information Center (CNNIC), which administers the domain.”



NSA hacked into encrypted UN communications, leaked documents show

David Meyer


“The NSA successfully cracked the encryption guarding the United Nations’ internal videoconferencing system, according to documents seen by Germany’s Der Spiegel.”



Exclusive: UK’s secret Mid-East internet surveillance base is revealed in Edward Snowden leaks

Duncan Campbell , Oliver Wright , James Cusick , Kim Sengupta


“Britain runs a secret internet-monitoring station in the Middle East to intercept and process vast quantities of emails, telephone calls and web traffic on behalf of Western intelligence agencies, The Independent has learnt.”



German IT officials reportedly deem Windows 8 too ‘dangerous’ to use

Brad Reed


“The National Security Agency’s snooping practices may be costing American companies a lot of money. German publication Zeit Online has obtained leaked documents that purportedly show that IT experts within the German government believe that Windows 8 contains back doors that the NSA could use to remotely control any computers that have it installed.”


Hacker Reveals How Devastating A Cyberattack On The Stock Market Could Be


Paul Szoldra


“Of all the horrifying scenarios that hackers could pull off — from launching nukes to spoofing air traffic control — the one that poses the biggest risk for Wall Street would be a cyber attack on equity markets.”



Millions stolen from US banks after 'wire payment switch' targeted

Danielle Walker,millions-stolen-from-us-banks-after-wire-payment-switch-targeted.aspx


“Criminals have recently hijacked the wire payment switch at several US banks to steal millions from accounts, a security analyst says. Gartner vice president Avivah Litan said at least three banks were struck in the past few months using "low-powered" distributed denial-of-service (DDoS) attacks meant to divert the attention and resources of banks away from fraudulent wire transfers simultaneously occurring.”



Snowden downloaded NSA secrets while working for Dell, sources say

Mark Hosenball


“Former intelligence contractor Edward Snowden began downloading documents describing the U.S. government's electronic spying programs while he was working for Dell Inc in April 2012, almost a year earlier than previously reported, according to U.S. officials and other sources familiar with the matter.”



Tibetans Under Cyber Attack – And The Security Industry Isn’t Helping

Tom Brewster


“Every month or so, a report on the latest malware attack aimed at Tibetans will emerge. But the reality is the frequency and range of Internet-based assaults on the people of Tibet, as well as their families, friends and associates, are far greater than people know. Attacks happen pretty much every day,” says Nart Villeneuve, from FireEye. Activists, Tibetan leaders and human rights activists operating in the area are the traditional targets. Off-the-shelf malware is regularly thrown at their systems, as highlighted this week, when the website of the Central Tibetan Administration, the Tibetan Government-in Exile’s official Chinese language website, was hacked. Once users visited the site, they were redirected to an exploit that dropped a backdoor on their systems.”


Suspected DDoS blackmailers arrested at Heathrow airport


Graham Cluley


“British police have arrested two men in connection with an internet attack against an online gambling website. The two Polish men, who have been named by the media as Piotr Smirnow, 31, of Warsaw, and 35-year-old Patryk Surmacki, of Szczecin, were arrested at Heathrow airport on Wednesday on suspicion of threatening a Manchester-based online casino with a DDoS (distributed denial-of-service) attack.”


EU among priority spy targets for NSA — Germany's Der Spiegel


“The European Union is ranked as a key priority in a list of spying targets for the US National Security Agency, German weekly Der Spiegel said Saturday, citing a document leaked by former intelligence contractor Edward Snowden.”



NSA to cut system administrators by 90 percent to limit data access

Jonathan Allen


“The National Security Agency, hit by disclosures of classified data by former contractor Edward Snowden, said Thursday it intends to eliminate about 90 percent of its system administrators to reduce the number of people with access to secret information.”


REVEALED: Cyberthug tool that BREAKS HSBC's anti-Trojan tech


John Leyden


“Cybercrooks on an underground forum have developed a technique to bypass anti-Trojan technology from Trusteer used by financial institutions worldwide – including HSBC and Paypal – to protect depositors from cybersnoopers.”



Any cellphone can be traced by its digital fingerprint

Paul Marks


“Tech-savvy criminals try to evade being tracked by changing their cellphone's built-in ID code and by regularly dumping SIM cards. But engineers in Germany have discovered that the radio signal from every cellphone handset hides within it an unalterable digital fingerprint – potentially giving law enforcers a simple way of tracking the handset itself.”



BT and Vodafone among telecoms companies passing details to GCHQ

James Ball, Luke Harding and Juliette Garside


“Some of the world's leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain's spy agency GCHQ, and are passing on details of their customers' phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show.”


Feds Are Suspects in New Malware That Attacks Tor Anonymity


Kevin Poulsen


“Security researchers tonight are poring over a piece of malicious software that takes advantage of a Firefox security vulnerability to identify some users of the privacy-protecting Tor anonymity network.”



German prosecutors looking into US, UK snooping allegations


“Revelations about the surveillance activities of US and British intelligence agencies in Germany could be about to spark a federal investigation. Prosecutors aren't yet sure whether there is enough evidence for a case.”



MPs to quiz GCHQ spies over what they did in return for £100million payment from U.S. government

Tamara Cohen


“British spies will have to report to MPs about payments from the US government and what was expected in return. Sir Malcolm Rifkind, chairman of the parliamentary spy watchdog, said GCHQ would have to explain allegations that it received £100million over three years from Washington.”



Exclusive: NSA pays £100m in secret funding for GCHQ

Nick Hopkins and Julian Borger


“The US government has paid at least £100m to the UK spy agency GCHQ over the last three years to secure access to and influence over Britain's intelligence gathering programmes.”



Gone in 30 seconds: New attack plucks secrets from HTTPS-protected pages

Dan Goodin


“The HTTPS cryptographic scheme, which protects millions of websites, is susceptible to a new attack that allows hackers to pluck e-mail addresses and certain types of security credentials out of encrypted pages, often in as little as 30 seconds.”



Hacking Industrial Systems Turns Out to Be Easy

Tom Simonite


“Three presentations scheduled to take place at the Black Hat computer security conference in Las Vegas today will reveal vulnerabilities in control systems used to manage energy infrastructure such as gas pipelines. These are just the latest sign that such systems remain dangerously susceptible to computer attacks that could have devastating consequences; and although the researchers proposed fixes for each flaw they’ve identified, they caution that, on the whole, industrial infrastructure remains woefully vulnerable.”