Malware Attacks Hit News Websites – Foretelling Cyber False Flag?

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

Malware alerts struck the web last night and this morning, in a preview of what Internet users have to look forward to once the real cyber false flag hits the Net.  Real and fake malware will create chaos, as users get blocked from their favorite websites.

Regular visitors to BIN may have noticed that we had some of those cute red screens courtesy of your browsers (Safari, Chrome and Firefox) on our site last night and this morning alerting you that "you'd better not go there".

The Google Chrome malware warning from BIN late last night.  Firefox and Safair had similar dire warnings for these sites.

Outages were reported at many popular sites, including ZD Net, CNET, Glenn Reynold's popular Instapundit, etc.  Here's a report from ZD Net that covered their end of things.  Facebook is running behind, they are still showing warnings for some sites, including BIN.  The BIN site is completely clean at this time, according to Google.

 

Here's a screen grab from Instapundit:

Has anyone else noticed what's happened to the internet?  Sites with edgy alternative content or conservative points of view get hacked more often, and in this case not hacked, but effectively taken down by scary looking warning messages.  This type of censorship has been going on for years with email.  If you want to keep a lid on the news, you just signup for a site's email, then send it to one of the 50 self appointed "spam police" sites and they'll blacklist a site.  It usually takes a day or two for things to return to normal and get off the blacklist and by then the damage is done.  The same thing is now happening to web sites.

There's only one way around this, a new way to communicate and get news and information using the internet.  We've been developing it for a year and it's going to be what we think is a very good alternative to insecure email and chat programs, as well as providing a way to view web content without surfing around for it.

Before its news

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

World’s Highest Resolution Surveillance System: 1.8 Gigapixel ARGUS-IS

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

DARPA and the USZ Army have taken the wraps off ARGUS-IS, a 1.8-gigapixel video surveillance platform that can resolve details as small as six inches from an altitude of 20,000 feet (6km). ARGUS is by far the highest-resolution surveillance platform in the world, and probably the highest-resolution camera in the world, period.

ARGUS, which would be attached to some kind of unmanned UAV (such as the Predator) and flown at an altitude of around 20,000 feet, can observe an area of 25 square kilometers (10sqmi) at any one time. If ARGUS was hovering over New York City, it could observe half of Manhattan. Two ARGUS-equipped drones, and the USZ could keep an eye on the entirety of Manhattan, 24/7.

It is the definition of “observe” in this case that will blow your mind, though. With an imaging unit that totals 1.8 billion pixels, ARGUS captures video (12 fps) that is detailed enough to pick out birds flying through the sky, or a lost toddler wandering around. These 1.8 gigapixels are provided via 368 smaller sensors, which DARPA/BAE says are just 5-megapixel smartphone camera sensors. These 368 sensors are focused on the ground via four image-stabilized telescopic lenses.

The end result, as you can see in the (awesome) video above, is a mosaic that can be arbitrarily zoomed. In the video, a BAE engineer zooms in from 17,500 feet to show a man standing in a parking lot doing some exercises. A white speck is a bird flying around. You can’t quite make out facial features or license plates (phew), but I wonder if that would be possible if ARGUS was used at a lower altitude (during a riot, say).

ARGUS’s insane resolution is only half of the story, though. It isn’t all that hard to strap a bunch of sensors together, after all. The hard bit, according to the Lawrence Livermore National Laboratory (LLNL), is the processing of all that image data. 1.8 billion pixels, at 12 fps, generates on the order of 600 gigabits per second. This equates to around 6 petabytes — or 6,000 terabytes — of video data per day. From what we can gather, some of the processing is done within ARGUS (or the drone that carries it), but most of the processing is done on the ground, in near-real-time, using a beefy supercomputer. We’re not entirely sure how such massive amounts of data are transmitted wirelessly, unless DARPA is waiting for its 100Gbps wireless tech to come to fruition.

The software, called Persistics after the concept of persistent ISR — intelligence, surveillance, and reconnaissance — is tasked with identifying objects on the ground, and then tracking them indefinitely. As you can see in the video, Persistics draws a colored box around humans, cars, and other objects of interest. These objects are then tracked by the software — and as you can imagine, tracking thousands of moving objects across a 10-square-mile zone is a fairly intensive task. The end user can view up to 65 tracking windows at one time.

The ARGUS system in its entirety produces one million terabytes per day — all of which is stored by the Army for future use. We’re a bit skeptical about PBS’s crazy figure (a million terabytes is an exabyte), but in theory most of that data is actually meta data — the coordinates and other identifying features of the thousands (millions?) of objects being tracked by ARGUS.

The original goal was to deploy ARGUS in Afghanistan, but that never came to pass. It isn’t entirely clear what ARGUS’s future is; it was meant to be mounted on Boeing’s high-altitude A160 Hummingbird helicopter (pictured right), but the chopper has since been scrapped. If ARGUS is to be deployed, it will most likely be strapped to the underbelly of a Predator drone. Where it will be used, however, with the war in Afghanistan apparently winding down, is another question entirely. Its efficacy in a military setting would be unsurpassed, but it’s easy to imagine how ARGUS could be used here at home in the US, too.

Via ExtremeTech

(Mildly Edited by PCF Web desk)

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

’Red October’: Global Cyber-Spy Network Uncovered by Russian Experts

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

A sophisticated cyber-espionage network targeting the world’s diplomatic, government and research agencies, as well as gas and oil industries, has been uncovered by experts at Russia’s Kaspersky Lab.

The system’s targets include a wide range of countries, with the primary focus on Eastern Europe, former Soviet republics and Central Asia – although many in Western Europe and North America are also on the list.

“The majority of infections are actually from the embassies of ex-USSR country members located in various regions such as Western Europe and even in North America – in the US we have few infections as well. But most infections are concentrated around Russia,” Vitaly Kamluk, chief malware expert at Kasperky Lab, told RT, adding that in Europe, the hardest-hit countries are apparently Beligum and Switzerland.

In addition to attacking traditional computer workstations, ‘Rocra’ – an abridgment of ‘Red October,’ the name the Kaspersky team gave the network – can steal data from smartphones, dump network equipment configurations, scan through email databases and local network FTP servers, and snatch files from removable disk drives, including ones that have been erased.

Unlike other well-known and highly automated cyber-espionage campaigns, such as ‘Flame’ and ‘Gauss,’ Rorca’s attacks all appear to be carefully chosen. Each operation is apparently driven by the configuration of the victim’s hardware and software, native language and even document usage habits.

The information extracted from infected networks is often used to gain entry into additional systems. For example, stolen credentials were shown to be compiled in a list for use when attackers needed to guess passwords or phrases.

The hackers behind the network have created more than 60 domain names and several server hosting locations in different countries – the majority of those known being in Germany and Russia – which worked as proxies in order to hide the location of the ‘mothership’ control server.

That malicious server’s location remains unknown, but experts have uncovered over 1,000 modules belonging to 34 different module categories.While Rocra seems to have been designed to execute one-time tasks sent by the hackers’ servers, a number of modules were constantly present in the system executing persistent tasks. This included retrieving information about a phone, its contact list, call history, calendar, SMS messages and even browsing history as soon as an iPhone or a Nokia phone is connected to the system.

The hackers’ primary objective is to gather information and documents that could compromise the security of governments, corporations or other organizations and agencies. In addition to focusing on diplomatic and governmental agencies around the world, the hackers also attacked energy and nuclear groups, and trade and aerospace targets.

No details have been given yet as to the attackers’ identity. However, there is strong technical evidence to indicate that the attackers are of Russophone origins, as Russian words including slang have been used in the source code commentaries. Many of the known attacks have taken place in Russian-speaking countries.

“It is bound to Russian language. We are currently uncertain which country is responsible for creating these malicious applications, but we are most certain the developers picked the Russian language. It is visible from the text links we extracted from the application. Some of them point to Russian origin. For example, the word used inside of the malware the word is ‘zakladka.’ In Russian it means a bookmark, or under cleared functionality it can refer to a backdoor functionality in some legitimate software. So that’s why we believe this work was used by Russian-speaking developers,” Kamluk told RT.

The hackers designed their own authentic and complicated piece of software, which has its own unique modular architecture of malicious extensions, info-stealing modules and backdoor Trojans. The malware includes several extensions and malicious files designed to quickly adjust to different system configurations while remaining able to grab information from infected machines.

These included a ‘resurrection’ module, which allowed hackers to gain access to infected machines using alternative communications channels and an encoded spy module, stealing information from different cryptographic systems such as Acid Cryptofiler, which has reportedly been used since 2011 by organizations such as NATO, the European Parliament and the European Commission.

The first instances of Red October malware were discovered in October 2012, but it has been infecting computers since at least 2007, Kaspersky Lab reported. The firm worked with a number of international organizations while conducting the investigation, including Computer Emergency Readiness Teams from the US, Romania and Belarus.

The EU is attempting to counter the huge rise in cyber-espionage by launching the European Cybercrime Center, which opened on Friday.

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

Google starts watching what you do off the Internet too

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

The most powerful company on the Internet just got a whole lot creepier: a new service from Google merges offline consumer info with online intelligence, allowing advertisers to target users based on what they do at the keyboard and at the mall.

Without much fanfare, Google announced news this week of a new advertising project, Conversions API, that will let businesses build all-encompassing user profiles based off of not just what users search for on the Web, but what they purchase outside of the home.

In a blog post this week on Google’s DoubleClick Search site, the Silicon Valley giant says that targeting consumers based off online information only allows advertisers to learn so much. “Conversions,” tech-speak for the digital metric made by every action a user makes online, are incomplete until coupled with real life data, Google says.

“We understand that online advertising also fuels offline conversions,” the blog post reads. Thus, Google says, “To capture these lost conversions and bring offline into your online world, we’re announcing the open beta of our Conversions API for uploading offline conversion automatically.”

The blog goes on to explain that in-store transactions, call-tracking and other online activities can be inputted into Google to be combined with other information “to optimize your campaigns based on even more of your business data.” When on-the-Web interactions start mirroring real life activity, though, even a certain degree of privacy doesn’t make Conversions API any less creepy. As Jim Edwards writes for Business Insider, “If you bought a T shirt at The Gap in the mall with your credit card, you could start seeing a lot more Gap ads online later, suggesting jeans that go with that shirt.”

Of course, there is always the possibility that all of this information can be unencrypted and, in some cases, obtained by third-parties that you might not want prying into your personal business. Edwards notes in his report that Google does not explicitly note that intelligence used in Conversions API will be anonymized, but the blowback from not doing as much would sure be enough to start a colossal uproar. Meanwhile, however, all of the information being collected by Google — estimated to be on millions of servers around the globe — is being handed over to more than just advertising companies. Last month Google reported that the US government requested personal information from roughly 8,000 individual users during just the first few months of 2012.

“This is the sixth time we’ve released this data, and one trend has become clear: Government surveillance is on the rise,” Google admitted with their report.

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

China Blocks Google access for 12 Hours

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

Google reported a dramatic drop-off in its traffic to sites in China for about 12 hours Friday, November 9, into Saturday morning. According to Google’s Transparency Report, which monitors traffic to Google’s sites around the world, all of its services were inaccessible in China, with Chinese Internet monitor Greatfire.org confirming the outage. “We’ve checked and there’s nothing wrong on our end,” a Google spokesperson e-mailed Computerworld. Observers noted that the blockage coincided with the beginning of Communist China’s 18th Party Congress, at which the government is expected to name new leaders.

China regularly blocks certain elements of the Google site to computers within the country, but this is the first time Google has been totally inaccessible since 2010, when there was a brief disruption in service. PCWorld.com noted that the latest outage occurred “just two weeks after Chinese censors targeted the New York Times after it had published an article on the billions in wealth amassed by the family of Chinese Premier Wen Jiaobao. The New York Times‘ website continues to be inaccessible from within the country.” According to PCWorld, the communist country “periodically increases the level of Internet censorship when sensitive government-related matters arise. This happened last year when an online call was made urging the Chinese people to protest. Subsequently, Google accused the Chinese government of disrupting access to its Gmail service in the country.”

While Google’s YouTube site has been largely blocked in China since 2009, said Internet observers, the latest disruption affected all of Google’s core services, including Gmail, Google Docs, Google Maps, and its analytics service, which is used by tens of thousands of companies to track who comes to their sites. SciTechToday.com noted that Google is the second most used search engine in China, behind the country’s own Baidu.com, and is the fifth most accessed site among China’s half-billion online users. But Google has been in an ongoing conflict with the Chinese government, dating back to 2010 when Google refused to comply with China’s censorship regulations. When the Chinese government blocked user access to some Google sites, the company redirected users of local search page to its sites in Hong Kong, which is not subject to the same restrictions imposed on China’s mainland.

That same year Google reported that there had been attempts to hack into the Gmail accounts of Chinese human rights activists. According to SciTechToday.com, in June Google announced that it would display warnings to users in China in the event of search errors that were beyond the control of Google. “For years, Google said it has received complaints about some search requests that had led to ‘this webpage is not available’ or ‘the connection was reset’ error pages,” reported the tech site. “Such pages often result in a temporary disconnection to Google.” GreatFire.org reported that during the disruption many Google subdomains were “DNS poisoned,” which it described as an attack method that redirects visitors to a typically non-existent website. Attempts by Internet users in China to reach Google.com resulted in a redirect that took them to a non-functioning Web address in Korea. “Never before have so many people been affected by a decision to block a website,” GreatFire said.

Earlier this year Google CEO Eric Schmidt predicted that China’s Internet firewall was destined to fall under increasing pressure from the country’s online users. And in a recent interview in Foreign Policy magazine he noted that China is “the only government that’s engaged in active, dynamic censorship. They’re not shy about it.” He suggested that once China’s censorship policies are swept away, the resulting free-flow of information would result in dramatic political and social changes in the country.

(TheNewAmerican)

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

Facebook turns off automatic facial recognition feature for EU users

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

Facebook has turned off its controversial tag suggestions feature for users in Europe, in a move that campaigners will hail as a victory for privacy.

The social network tool took biometric information provided when users tag friends' faces in photos to make suggestions on the correct tags for future images.

But the company was heavily criticised when it introduced the feature and automatically opted-in all users in Europe last June without formally announcing its arrival on the site.

Privacy campaigners were particularly disturbed since Facebook allows photographs to be published on its site without the express permission - or even knowledge - of those pictured.

With the facial-recognition feature activated on the site, this meant in essence that those uploading photos were handing the personal biometric information of those photographed over to the company.

 The removal of the feature and the forced deletion of all the biometric data will be a blow to the company which is under intense pressure to find new ways to convert its vast hoard users' personal information into cash since it was floated on the stock market earlier this year.

Mark Zuckerberg, Facebook CEO: The decision will be a blow to the company which is under pressure to find new ways to rake in more money.

Responding to the removal of the feature, Nick Pickles, director of privacy campaign group Big Brother Watch, said: 'Users need to be in control of what happens to their data and it’s absolutely right this applies to people’s pictures on Facebook in the same way as their written personal information.

'The wider issue is not just about people opting-in to use the technology, but how you regulate something when often the person in the photo might not be aware their photo has even been uploaded.

'Facial recognition has the potential to undermine people’s privacy far more dramatically than most existing technology, with ever more creative uses finding ways to track us and target us.'

Facebook was forced to carry out a review of the controversial feature's introduction after a wave of anger about potential data protection issues.

It announced last month that it would suspend the feature across Europe and erase all the biometric facial-recognition data it has collected thus far from users on the continent by October 15.

GOOGLE ORDERED TO FIX PRIVACY POLICY 'WITHIN MONTHS'

European regulators have ordered Google to clarify its new privacy policy and make it easier for users to opt out of it.

France’s National Commission on Computing and Freedom led a European investigation into Google’s new unified policy, which replaced 60 individual policies for its search, email and other services and regulates how it uses the personal data it collects.

CNIL's president Isabelle Falque-Pierrotin said the company had 'three or four months' to make the revisions, otherwise 'authorities in several countries can take action against Google'.

Google responded that it is reviewing the commission’s report but that it believes its policy respects European law.

The current row revolves around Google's decision to pool of anonymous user data across Google services. For Google, this is a big advantage when selling online ads.

Google and other large internet groups like Facebook provide free services to consumers and earn money from selling ads that they say are more closely targeted than traditional TV or radio campaigns.

The move followed a review by Facebook Ireland of the degree to which the social networking site had implemented recommendations made in an audit of the social networking site by the Irish Data Protection Commission last December.

That report assessed Facebook Ireland’s compliance with Irish Data Protection law and by extension EU law. The aim is to re-introduce the tag feature in the future, but with new guidelines and different forms of notice and consent.

Billy Hawkes, the Data Protection Commissioner for Ireland, said last month the tool would only return to the site if Facebook agreed with the department on the 'most appropriate means of collecting user consent'.

He praised the multi-billion pound company for 'sending a clear signal of its wish to demonstrate its commitment to best practice in data protection compliance.'

Mr Hawkes says Facebook should make users more aware of what happens to their personal data to increase control over privacy settings.

Mr Pickles added: 'It may be possible in future to find a way to use facial recognition on Facebook in very limited circumstances.

'However, given the challenge of securing consent from both the person uploading the photo and the people in the photo being scanned, it may be practically impossible to secure an adequate level of consent.

'What must not happen is the consent requirement be watered down because it proves difficult.'

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

Android apps 'leak' personal details

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

Millions of people are using Android apps that can be tricked into revealing personal data, research indicates. Scientists tested 13,500 Android apps and found almost 8% failed to protect bank account and social media logins. These apps failed to implement standard scrambling systems, allowing "man-in-the-middle" attacks to reveal data that passes back and forth when devices communicate with websites. Google has yet to comment on the research and its findings.

Researchers from the security group at Leibniz University of Hanover and the computer science department at the Philipps University of Marburg tested the most popular apps in Google's Play store. By creating a fake wi-fi hotspot and using a specially created attack tool to spy on the data the apps sent via that route, the researchers were able to:

• capture login details for online bank accounts, email services, social media sites and corporate networks
• disable security programs or fool them into labelling secure apps as infected
• inject computer code into the data stream that made apps carry out specific commands

An attacker could even re-direct a request to transfer funds, while making it look to the app user like the transaction was proceeding unchanged. Some of the apps tested had been downloaded millions of times, the researchers said. And a follow-up survey of 754 people suggests users could struggle to spot when they were at risk.

"About half of the participants could not judge the security state of a browser session correctly," the researchers wrote. "Most importantly, research is needed to study which counter-measures offer the right combination of usability for developers and users, security benefits and economic incentives to be deployed on a large scale."

(BBC)

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter

Google accused of spying on Gmail users

• Subscribe to PCF Networked Blog Daily Updates 
• Subscribe to our Twitter / Google / Yahoo Daily Updates

Google isn’t exactly a stranger to allegations that they invade the privacy of their customers, but now the search engine is being asked to explain itself in court over accusations that they snoop through messages sent through its Gmail service. Representatives from Google are asking a federal judge to dismiss a lawsuit waged at the company’s Gmail platform because the plaintiffs in the case cannot explicitly prove that their correspondence is being unlawfully monitored by the email service.

Brad Scott and Todd Harrington are the lead plaintiffs in a case that attempts to call-out the Silicon Valley search engine company as being in violation of California’s Invasion of Privacy Act (CIPA) because they believe Gmail conducts clandestine scans of emails for words and content, intentionally intercepting private communiqué as a result without obtaining the user’s permission. Google, on the other hand, maintains that only computers complete all the legwork and that no humans actually have their eyes on any emails, also insisting that neither Mr. Scott nor Mr. Harrington can back up their claims that any action from Gmail has led to injury.

Google condemned the case this week, Courthouse News reports, arguing by way of a 25-page motion that Gmail scans data sent over its servers using its "fully automated processes involve no human review of any kind" that they insist exists to screen out viruses and spam "for the protection of its users." Now they are asking US District Judge Lucy Koh to dismiss the complaint with prejudice. The plaintiffs say that Google’s actions are enough to land them in court because that conduct constitutes wiretapping and eavesdropping in their eyes, a claim which Google says is “contorting” state law "in ways the California Legislature never intended.”

"In the context of emails, multiple courts have recognized that no one can reasonably expect that the emails they send to others will be free from the automated processing that is normally associated with delivering emails," Google responds to the case with this week’s motion. "Plaintiffs fail to articulate a single concrete injury stemming from the automated processing of emails sent to Gmail users," Google adds. "Plaintiffs instead rely on conclusory allegations that their privacy rights were infringed in the abstract."
Additionally, Google charges that no state statues being called into question applies to the plaintiffs’ allegations, writing in their motion that the terms "electronic communication," "email," "Internet" and "computer" are not included.

"Even if the court were to accept plaintiffs' invitation to judicially rewrite the statute to reach electronic communications, choice of law rules would still preclude applying CIPA to this case," Google’s motion states. "CIPA makes clear on its face that it is intended to protect California residents and not to regulate California businesses," Google adds.

Judge Koh is now expected to hear the motion on March 21, 2013. Meanwhile, congressional Republicans wrote to the White House this week to attack a planned cybersecurity executive order that would allow third-party companies, such as Google, to openly share customer-inputted information with the federal government.

“An executive order exerting influence over critical infrastructure is not just a step in the wrong substantive direction,” the letter reads. “It will almost certainly be exploited by other nations to justify their efforts to regulate the Internet. This is a most critical time, and we cannot afford a hasty, unilateral action that will only serve to bolster the efforts of less democratic nations to stifle the very free exchange of ideas and expression that has allowed the Internet to flourish across the globe. For these reasons, we urge you to rethink the wisdom of an executive order.”

The letter to US President Barack Obama was signed by 11 GOP members of Congress, including US Rep. Fred Upton (R-Michigan), Senator Kelly Ayotte (R-New Hampshire), Senator Marco Rubio (R-Florida) and Senator Mike Lee (R-Utah).

RT

Pakistan Cyber Force

Follow PCF on Facebook

Follow PCF on Twitter