TweakTown NewsRefine News by Category:
US citizens' phone calls, and all electronic data is captured and recorded by the FBI, accessible by the government
Tim Clemente, a former FBI counterterrorism agent claims that there is a 'Person of Interest'-type surveillance network used by the US government to monitors their citizens. Clemente talked about this when he appeared on CNN Wednesday night.
The discussion turned to the Boston Marathon attack, and past telephone calls with Katherine Russell and her deceased husband, suspect Tamerlan Tsarnaev. The former FBI agent said those conversations would be available to investigators. Clemente discussed the issue in an exchange, below, with host Erin Burnett:
BURNETT: ' Tim, is there any way, obviously, there is a voice mail they can try to get the phone companies to give that up at this point. It's not a voice mail. It's just a conversation. There's no way they actually can find out what happened, right, unless she tells them?'
CLEMENTE: 'No, there is a way. We certainly have ways in national security investigations to find out exactly what was said in that conversation. It's not necessarily something that the FBI is going to want to present in court, but it may help lead the investigation and/or lead to questioning of her. We certainly can find that out.'
BURNETT: 'So they can actually get that? People are saying, look, that is incredible.'
CLEMENTE: 'No, welcome to America. All of that
Everyone's favorite iOS hacker, Jay Freeman, or saurik, has discovered an exploit for Google Glass. The exploit is rather scary due to just how easy it is to implement. The exploit can be loaded onto Google Glass using any Android device, theoretically allowing people to quickly exploit devices while out and about.
More importantly, the exploit allows the hacker full access to the camera and microphone. All a hacker has to do is load a couple of files, which is simple due to Google Glass not having any sort of security protection. Glass has no pin lock, gesture lock, or other method of keeping it secure when not being worn.
If a hacker has full access to a camera and microphone, the device could easily be used to spy on a user's life, collect bank pins, or conduct industrial espionage. Of course, Google Glass Explorer Edition is a bit removed from what we will see in the final consumer version next year. One thing is clear, Google needs to make sure to add some sort of security to the device.
Twitter continues to be in the news and not for good things. Twitter accounts continue to be compromised left and right, though not because of a bug in Twitter's system. Often times these accounts are compromised because the owner used a weak password, fell victim of a phishing scam, or simply told someone else.
But that doesn't mean Twitter is off the hook. The micro-blogging site needs to hurry up and release its two-factor authentication in order to help prevent against these visible hackings. The latest accounts to be compromised are ones of the Guardian, a daily publication in the UK:
"We are aware that a number of Guardian Twitter accounts have been compromised and we are working actively to resolve this," a Guardian spokesperson said.
The Syrian Electronic Army has claimed responsibility for these hacks, much like they claimed responsibility for the recent hackings of NPR, CBS, and Associated Press handles. It's not clear how exactly the Guardian handles were compromised, though it's likely they used a similar e-mail phishing tactic.
Over the weekend Spanish authorities arrested a Dutch man who they say is responsible for the largest DDOS attack in the history of the internet. The man was said to be in his Barcelona home at the time of the arrest, and police seized several mobile phones and computers belonging to the suspect.
The man who has only been identified as "S.K." in official reports has been unofficially identified as 35-year-old Sven Olaf Kamphuis, by sources reporting to the NY Times. Kamphuis, or "The Prince of Spam", is a self-proclaimed minister of telecommunications and foreign affairs for the Republic of CyberBunker.
He is the spokesperson for a group that had previously protested tactics used by a European anti-spam group. He operates an ISP known as CB3ROB as well as web hosting company named CyberBunker. He faces charges after being linked to a DDOS attack last month that was like no other ever witnessed.
It targeted the anti-spam group Spamhaus, which maintains one of the largest spam block lists in the world.
LivingSocial, the company that helps users get better deals, announced that they have been hacked. The company notes that the hackers did not gain access to any credit card information. As a precaution, LivingSocial is sending out an e-mail to 50 million of its users informing them of the hack.
LivingSocial hasn't detailed how the hack occurred, but they have said that names, birthdays, e-mail addresses, and encrypted passwords were compromised. Given enough time and the correct tools, those encrypted passwords can be decrypted. Combine the password with the e-mail and the hackers could gain access to other sites.
If you use the same e-mail/password combination on any other sites, you're encouraged to change your passwords right away.
Cyberthreats are the new way of slowly removing citizens' privacy, and now the Department of Homeland Security (DHS) is preparing to deploy a very powerful new version of their EINSTEIN intrusion-detection system that is built to detect attacks and malware, especially when it comes to e-mail.
But because this new version of EINSTEIN is able to read electronic content, it is raising privacy concerns. DHS has recognized this, and have just issued a "privacy impact assessment" on what they're calling EINSTEIN 3 Accelerated, the intrusion detection and prevention system that is expected to be made available as a managed security service from ISPs to monitor the ".gov" traffic to and from civilian agencies and Executive Branch departments.
The DHS has said that EINSTEIN 3 might be able to collect "personally identifiable information" (PII) in some instances where this network security system will not just monitor but also prevent threats by clocking traffic in order to detect a cyberthreat or potential cyberthreat.
This afternoon some alarming news emanated from the Associated Press' Twitter account that stated the White House had been bombed and President Obama had been injured.
With recent events, this news spread across the web via social media within minutes. Fortunately, the report was 100% false - the President and the White House are safe and sound.
AP reporter Matt Moore took to his Twitter account to debunk the false report and confirm that the trusted news organization's Twitter account had indeed been hacked. The official source of the hack is unknown, but the hacker group Syrian Electronic Army appears to be claiming responsibility.
This morning TechSpot broke news that during 2011 and 2012 over 2700 servers hosted with HostGator were compromised when an employee installed backdoors on the machines. Prosecutors say that 29 year old Eric Gunnar Gisse of Texas was responsible for the inside hacking.
Gisse was employed by the company between September of 2011 and February 2012 as a medium level systems administrator. HostGator says that Gisse went to great lengths to hide the backdoor as a common Unix admin tool, which he renamed "pcre", which is a common system file.
No evidence was presented as to whether or not Gisse ever used the backdoor to access any of the servers remotely, but as the meme goes, "One simply does not install a backdoor onto 2700 servers without the intent to use them."
Gisse is scheduled to be arraigned next month. It's unclear if he has entered a plea as of this writing. He is being held on $20,000 bond at the Harris County Jail in Houston, TX.
Microsoft is pushing out a major upgrade to Microsoft account security by offering the option of two-step verification. As of late, many different online services have started to offer two-step or two-factor authentication to help keep online accounts more secure.
Two-step verification usually takes a bit longer to allow access to an account, but it makes it much more difficult for a hacker to brute-force your password. To login after two-step verification is enabled, you'll be required to enter your password and a code that was sent to either an e-mail or cell phone on file.
You'll be able to enable two-step verification at Microsoft's website, though the option might not be immediately available. For more information about Microsoft's two-step implementation, check out their blog post.
Gottfrid Svartholm, one of the co-founders of everyone's favorite torrent website The Pirate Bay, has been indicted on charges of hacking along with three others. Svartholm is said to be the mastermind behind a series of cyber intrusions into Nordea Bank and the Swedish federal tax agency.
In a statement, prosecutor Henrik Olin had the following to say:
"A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers of people with protected identities."
These charges come completely independent of a recent sentence of one year in prison that was passed down to Svartholm after a series of shady happenings where Cambodian authorities managed to deport him back to Sweden. These new charges carry a much longer sentence than just one year.