Monthly Archives: March 2017

House Votes in Favor of Letting ISPs Sell Your Browsing History

Your internet history and browsing habits are for sale, and the House voted Tuesday to keep it that way, rolling back rules that would have barred internet service providers from selling your data without consent.

The measure would bar the Federal Communications Commission from enforcing rules it passed last year, during President Barack Obama’s administration, that would have required broadband providers to get your explicit consent before they could sell your personal data.

Before Tuesday’s the vote, representatives who wanted to keep the rules stripped the debate down to something as mundane as buying underwear online, privately.

“I know there has got to be somebody in this body who believes [internet service providers] should not have anybody’s underwear size,” said Rep. Keith Ellison, D-Minnesota.

With strong opposition from Democrats, the measure narrowly passed in the House by a 215-205 vote. No Democrats voted for the bill, and 15 Republicans opposed it. A similar version squeaked through the Senate last Thursday on a party-line vote of 50-48.

The president’s signature is all that is needed now to roll back the rules, leaving consumer data fair game for internet service providers and, crucially, barring the FCC from issuing similar protections in the future. The White House said in a statement on Tuesday that it “strongly supports” the repeal.

After the vote, the Internet & Television Association issued a statement applauding the congressional action to repeal “the FCC’s misguided rules.”

“With a proven record of safeguarding consumer privacy, internet providers will continue to work on innovative new products that follow ‘privacy-by-design’ principles and honor the FTC’s successful consumer protection framework,” the group said in a statement. “We look forward to working with policymakers to restore consistency and balance to online privacy protections.”

CTIA, formerly the Cellular Telecommunications and Internet Association, an advocacy group for the industry, applauded the measure’s sponsors last week for “seeking a common-sense and harmonized approach to protecting Americans’ privacy.”

“Wireless carriers are committed to safeguarding consumer privacy, and we support regulatory clarity and uniformity across our digital economy,” CTIA said in a statement.

But internet privacy advocates are framing this as a battle between privacy and profits.

Kate Tummarello, a policy analyst at the San Francisco based Electronic Frontier Foundation, said the “commonsense rules” Congress voted to repeal were designed “to protect your data” and keep internet service providers from doing a “host of creepy things” without your consent.

“Of course, the ISPs that stand to make money off of violating your privacy have been lobbying Congress to repeal those rules,” she said in a statement before the vote. “Unfortunately, their anti-consumer push has been working.”

The measure has also spawned a call to action from Data Does Good, a company that wants to empower people to leverage their data to help in the fight for online privacy rights.

The premise: Give Data Does Good your Amazon shopping history, which they say they’ll automatically anonymize and pool with others before selling it to retailers.

Data Does Good will then donate $15 on your behalf to a non-profit of your choice that is fighting for privacy rights, such as the Electronic Frontier Foundation or the ACLU.

Still more to come.  Remember the NSA already has all of this information.

People are talking about hackers ‘ransoming’ Apple — here’s what’s actually going on

If you don’t want to be hacked, don’t use the same password across different services.

And if you’re an Apple user, it’s a good idea to check your Apple ID and iCloud account today to make sure it’s using a unique and long password.

On Wednesday, a hacking group calling itself the Turkish Crime Family told Business Insider that it had about 600 million iCloud passwords it would use to reset users’ accounts on April 7.

Apple told Business Insider in a statement that if the hackers had passwords, they did not come from a breach of Apple systems:

“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID. The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

“We’re actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”

It is still possible that the group has some users’ passwords. Information from several large breaches, including those of Yahoo and LinkedIn, have spread across the internet in recent years. If an Apple user has the same password and email for, say, LinkedIn and iCloud, there’s a good chance that iCloud password is already publicly available.

Here’s what you can do to protect yourself:

Turn on two-factor authentication. That means when you log in to your iCloud account you’ll be asked to send a six-digit code to your phone. It’s annoying, but it’s the best way to ensure that your account remains your own.

Don’t use the same password for multiple services. If one of your accounts is hacked or breached, hackers can essentially access all your accounts that used the same password. Make sure to use a different password for your Apple ID and your email account — here’s how to change your Apple ID password and how to check if your password may already be public.

Make sure your password is long, random, and unique. Don’t use your name, birthday, or other common words.

  • Why this matters now

    Over the past few days, the Turkish Crime Family has contacted media outlets saying it has 200 million, 250 million, 519 million, or as many as 750 million Apple ID account credentials culled from breaches of other services.

    The hacking group also said it had been in contact with Apple and was demanding $75,000 in cryptocurrency like bitcoin or $100,000 in Apple gift cards.

    If Apple did nothing, it would “face really serious server issues and customer complaints” in an attack on April 7, a member of the hacking group told Business Insider in an email. They said they were carrying out the attack in support of the Yahoo hacking suspect.

    A report from Motherboard said the group had shown the outlet an email from one of the hackers to an Apple product-security specialist that discussed the ransom demands. That email is fake, a person with knowledge of Apple’s security operations told Business Insider.

    Apple is in contact with law enforcement about the ransom demand, the person said. Apple is unsure if the group’s claims are true, but people at the company say they doubt they are.

    There are other reasons to doubt the hackers’ claims, such as their thirst for publicity and their fluid story.

    But even if the hackers are telling the truth, Apple users can protect themselves by making sure their Apple ID password is unique and hasn’t been revealed in a previous breach.

    “A breach means nothing in 2017 when you can just pull the exact same user information in smaller scales through companies that aren’t as secure,” the group purportedly said in a post on Pastebin in response to Apple’s statement.

    Best thing to do to insure this does not happen to you is “Change Your Passwords”

 

Over 20 million Gmail and 5 million Yahoo decrypted accounts now reportedly for sale on the Dark Web

Over 20 million Gmail and 5 million Yahoo decrypted accounts now allegedly for sale on the Dark Web

A dark web vendor is reportedly selling millions of decrypted Gmail and Yahoo accounts in an unspecified underground marketplace. Over 20 million Gmail accounts and five million Yahoo accounts from previous massive data breaches are now reportedly up for sale.

A dark web vendor going by the name “SunTzu583”, who has previously also allegedly listed over one million decrypted Gmail and Yahoo accounts on the dark web, now appears to have ramped up his efforts.

According to a HackRead report, in separate listings, the cybercriminal is allegedly offering 4,928,888 and 21,800,969 Gmail accounts, of which the latter has been listed for $450 (0.4673 Bitcoins). While the first listing includes email addresses and clear text passwords, 75% of the second listing allegedly contains decrypted passwords and 25% hashed passwords.

The Gmail data reportedly corresponds to those stolen in previous breaches, including the Nulled.cr hack and the Dropbox data breach.

The cybercriminal is also allegedly selling 5,741,802 Yahoo accounts for $250 (0.2532 Bitcoins). Most of the accounts listed were allegedly disabled and appear to have been stolen from MySpace, Adobe and LinkedIn data breaches.

For both the Gmail and Yahoo accounts, the dark web vendor claims that not all the email and password combinations work directly, warning potential buyers to not expect them to match in all cases.

The data has reportedly been matched against those on popular data breach notification platforms such as Have I Been Pwned and Hacked-DB. However, the data has not been independently verified by IBTimes UK.

How to keep your data safe

Cybercrime ramped up to alarming levels last year, which also saw a slew of massive cyberattacks. Those concerned about keeping their accounts and data safe should incorporate safe security practices. In the event of a breach, or even a potential one, it is recommended that passwords be changed immediately. It’s also essential that you not reuse passwords, instead use unique and strong passwords for each of your accounts.

Remember to stay safe out in the cyber world !!!

CIA Rant :-)

From a great friend in the business
Chris Roberts:
Chief Security Architect at Acalvio Technologies

Was asked to provide something to a media source….thought I’d post it here too…enjoy..was told to NOT use “its a wake up call….”

1. Of course it’s not a bloody wake up, Oh No! An intelligence spy agency is caught spying…headline news…my ass.

2. Of course it’s not a wake up call, 0Day exploits are as old (almost) as the hills AND the stuff that was in most of the files was nothing new.

3. Tactics, yes nice to see them, but nothing out of the ordinary we didn’t already know OR suspect..

4. Of course it’s not a bloody wake up call when it becomes public (again) that Samsung can’t code worth shit and their TV’s listen in 🙂

5. What IS surprising BUT NOT REALLY is the fact that our CIA friends could have helped THEIR FBI friends get into all sorts of Apple shit…and didn’t

  •  So does the CIA not trust the FBI and it’s inability to retain secrets…welcome to the pot calling the kettle black 🙂
  •  Or does the CIA not want people knowing what we already know…people can break into almost anything, again NOT a bloody wake up call.
  •  Nice to see the CIA practice code re-use, good to see the taxpayer dollars not being spent on re-inventing the bloody wheel, that’s got to be a first!

Chris is always entertaining in his post, thank you Chris !!!!

WikiLeaks publishes ‘biggest ever leak of secret CIA documents’

The 8,761 documents published by WikiLeaks focus mainly on techniques for hacking and surveillance

The US intelligence agencies are facing fresh embarrassment after WikiLeaks published what it described as the biggest ever leak of confidential documents from the CIA detailing the tools it uses to break into phones, communication apps and other electronic devices.

The thousands of leaked documents focus mainly on techniques for hacking and reveal how the CIA cooperated with British intelligence to engineer a way to compromise smart televisions and turn them into improvised surveillance devices.

The leak, named “Vault 7” by WikiLeaks, will once again raise questions about the inability of US spy agencies to protect secret documents in the digital age. It follows disclosures about Afghanistan and Iraq by army intelligence analyst Chelsea Manning in 2010 and about the National Security Agency and Britain’s GCHQ by Edward Snowden in 2013.

The new documents appear to be from the CIA’s 200-strong Center for Cyber Intelligence and show in detail how the agency’s digital specialists engage in hacking. Monday’s leak of about 9,000 secret files, which WikiLeaks said was only the first tranche of documents it had obtained, were all relatively recent, running from 2013 to 2016.

The revelations in the documents include:
1. CIA hackers targeted smartphones and computers.
2. The Center for Cyber Intelligence, based at the CIA headquarters in Langley, Virginia, has a second covert base in the US consulate in Frankfurt which covers Europe, the Middle East and Africa.
3. A program called Weeping Angel describes how to attack a Samsung F8000 TV set so that it appears to be off but can still be used for monitoring.

The CIA declined to comment on the leak beyond the agency’s now-stock refusal to verify the content. “We do not comment on the authenticity or content of purported intelligence documents,” wrote CIA spokesperson Heather Fritz Horniak. But it is understood the documents are genuine and a hunt is under way for the leakers or hackers responsible for the leak.

WikiLeaks, in a statement, was vague about its source. “The archive appears to have been circulated among former US government hackers and contractors in an unauthorized manner, one of whom has provided WikiLeaks with portions of the archive,” the organization said.

The leak feeds into the present feverish controversy in Washington over alleged links between Donald Trump’s team and Russia. US officials have claimed WikiLeaks acts as a conduit for Russian intelligence and Trump sided with the website during the White House election campaign, praising the organization for publishing leaked Hillary Clinton emails.

Asked about the claims regarding vulnerabilities in consumer products, Sean Spicer, the White House press secretary, said: “I’m not going to comment on that. Obviously that’s something that’s not been fully evaluated.”

Asked about Trump’s praise for WikiLeaks during last year’s election, when it published emails hacked from Clinton’s campaign chairman, Spicer told the Guardian: “The president said there’s a difference between Gmail accounts and classified information. The president made that distinction a couple of weeks ago.”

Julian Assange, the WikiLeaks editor-in-chief, said the disclosures were “exceptional from a political, legal and forensic perspective”. WikiLeaks has been criticized in the past for dumping documents on the internet unredacted and this time the names of officials and other information have been blacked out.

WikiLeaks shared the information in advance with Der Spiegel in Germany and La Repubblica in Italy.

Edward Snowden, who is in exile in Russia, said in a series of tweets the documents seemed genuine and that only an insider could know this kind of detail. He tweeted:
The document dealing with Samsung televisions carries the CIA logo and is described as secret. It adds “USA/UK”. It says: “Accomplishments during joint workshop with MI5/BTSS (British Security Service) (week of June 16, 2014).”

It details how to fake it so that the television appears to be off but in reality can be used to monitor targets. It describes the television as being in “Fake Off” mode. Referring to UK involvement, it says: “Received sanitized source code from UK with comms and encryption removed.”

WikiLeaks, in a press release heralding the leak, said: “The attack against Samsung smart TVs was developed in cooperation with the United Kingdom’s MI5/BTSS. After infestation, Weeping Angel places the target TV in a ‘Fake Off’ mode, so that the owner falsely believes the TV is off when it is on. In ‘Fake Off’ mode the TV operates as a bug, recording conversations in the room and sending them over the internet to a covert CIA server.”

The role of MI5, the domestic intelligence service, is mainly to track terrorists and foreign intelligence agencies and monitoring along the lines revealed in the CIA documents would require a warrant.

The Snowden revelations created tension between the intelligence agencies and the major IT companies upset that the extent of their cooperation with the NSA had been exposed. But the companies were primarily angered over the revelation the agencies were privately working on ways to hack into their products. The CIA revelations risk renewing the friction with the private sector.

The initial reaction of members of the intelligence community was to question whether the latest revelations were in the public interest.

A source familiar with the CIA’s information security capabilities took issue with WikiLeaks’s comment that the leaker wanted “to initiate a public debate about cyberweapons”. But the source said this was akin to claiming to be worried about nuclear proliferation and then offering up the launch codes for just one country’s nuclear weapons at the moment when a war seemed most likely to begin.

Monday’s leaks also reveal that CIA hackers operating out of the Frankfurt consulate are given diplomatic (“black”) passports and US State Department cover. The documents include instructions for incoming CIA hackers that make Germany’s counter-intelligence efforts appear inconsequential.

The document reads:

“Breeze through German customs because you have your cover-for-action story down pat, and all they did was stamp your passport.

Your cover story (for this trip):

Q: Why are you here?

A: Supporting technical consultations at the consulate.”

The leaks also reveal a number of the CIA’s electronic attack methods are designed for physical proximity. These attack methods are able to penetrate high-security networks that are disconnected from the internet, such as police record databases. In these cases, a CIA officer, agent or allied intelligence officer acting under instructions, physically infiltrates the targeted workplace. The attacker is provided with a USB stick containing malware developed for the CIA for this purpose, which is inserted into the targeted computer. The attacker then infects and extracts data.

A CIA attack system called Fine Dining provides 24 decoy applications for CIA spies to use. To witnesses, the spy appears to be running a program showing videos, presenting slides, playing a computer game, or even running a fake virus scanner. But while the decoy application is on the screen, the system is automatically infected and ransacked.

The documents also provide travel advice for hackers heading to Frankfurt: “Flying Lufthansa: Booze is free so enjoy (within reason).”

The rights group Privacy International, in a statement, said it had long warned about government hacking powers. “Insufficient security protections in the growing amount of devices connected to the internet or so-called ‘smart’ devices, such as Samsung smart TVs, only compound the problem, giving governments easier access to our private lives,” the group said.