Posted on: June 3rd, 2013
For two companies, it’s all-out war. Spamhaus is a non-profit group dedicated to helping email providers filter out spam from their customer’s inboxes. Their efforts have been so successful it has caused several spammers and scammers to change their tactics. Before we knew that spam was not just delicious spiced ham in a can, scammers would send their email messages worldwide in an attempt to either get a victim to click on an infected link, download an infected video or picture or to trick them into some long distance financial scam.
It is big business in Russia, China, Indonesia and other countries where they send millions of emails by the hour. But modern technology, and the efforts of organizations like Spamhaus have cut into the revenues being made by these con artists. When Spamhaus identified the source of many of these illicit spam emails as coming from a company called Cyberbunker, which company fought back. Cyberbunker claims that they will host any internet need save for child pornography and terrorist related sites. Many of this company’s clients are those scammer spammers.
Spamhaus first identified one of Cyberbunker’s clients as a spammer, thereby cutting off all hope of that company being able to continue spamming for profit. Later, Spamhaus blacklisted Cyberbunker and the rest of the companies they host. With all sources of their revenues now affected negatively, Cyberbunker reps vowed revenge. Less than a week after Spamhaus blacklisted them, the non-profit organization experienced a Distributed Denial of Service attack the likes of which have never been seen.
The attack knocked Spamhaus’ site offline. The attackers utilize the DNS or Domain Name Servers to successfully overload the amount of information coming into the target’s servers. This overload can be likened to an attempt to fit 300 cars on a bridge wide enough for two. The web ‘traffic’ then backs up behind the bridge as it attempts to allow one or two across at a time. This attack reveals just how fragile the internet is. The traffic that built up on Spamhaus slowed down the traffic to other sites as well. The concern is that another attack like this one may affect everything from email services to online banking. Cyberbunker denies involvement in the attack.
Posted on: June 2nd, 2013
It sounds like something out of a James Bond or a Diehard type-movie, but it is very real. An android app that is designed specifically to lock on to a commercial airliner’s navigation system to change its course, its altitude or speed, or even cause it to crash. Hugo Teso is an analyst at N.Runs AG and a licensed pilot and has developed an Android app, dubbed, “Simon” which uses an exploit framework to attack the autopilot systems of most major commercial airliners. He did this to demonstrate the vulnerability of these systems called Automatic Dependant Surveillance-Broadcast, or ADS-B.
Teso spoke at the Hack in the Box conference in Amsterdam and explained how he could take advantage of the plane’s ADS-B system by breaking into the communication link between the plane and air traffic controllers to feed false information into the plane and potentially create another terrorist attack. He said that it took three years to build the “Simon” framework which used real-time information from Flightsradar24 and some easily attainable Flight Management System hardware.
In the virtual demonstration he conducted, he showed that he could send the command to the plane “visit ground” using the app and radio signals whereupon he could change the plane’s course, it’s speed or intentionally cause a crash. The reportedly ‘good’ news from this is that as of right now, this hacking system is limited. As of right now, this hack can only be accomplished virtually. The distance is also limited to the distance that the plane is from the antennae range of the device being used to hack it.
Other limitations on this include the fact that this only affects the plane’s autopilot function. If a pilot determines that the system has been compromised, a simple switch to manual control will end the vulnerability. That being said, there is no way for a plane to currently check the validity of data transmitted. New tech advances like the Simon bring new ways for terrorists to wreak havoc on the world.
Posted on: June 1st, 2013
The Australian Federal Police has turned to teens to help fight cyber-crime. It seems that the AFP has been keeping careful eye on several online forums that discuss hacking. These forums attract the experienced and amateur hackers where they can discuss fine-tuning their abilities. And as is usually the case with advanced technology, it is the young who are becoming more and more proficient on a daily basis. It is these youth that the AFP is targeting in an effort to intervene before they cross the line and break the law.
Some of these ‘potential hackers’ are as young as fifteen. When the police show up at the door to discuss their kids online activities with parents it is more than just a preventative measure. These youths are confronted with the threat of what could happen to them if their efforts at hacking into social media accounts or government websites are successful. Then they are presented with the concept of using their hacking skills on the side of law enforcement instead of law breaking.
Hacking has been a serious issue in Australia as it was in March that the Reserve Bank of Australia was hacked numerous times in an effort to gain access to internal information. Some of these attempts were traced back to malware that was created by the Chinese. The attempts were the result of malware sent via email to Reserve Bank employees.
In 2012, the AFP aided law enforcement in Romania in charging ten persons over a hacking that compromised the credit card information of many Australians. There were a half a million credit cards that were duplicated and used to purchase thirty million dollars’ worth of merchandise in four different countries. It is in the hacking forums run by crime syndicates like those being monitored by the AFP that teens are learning these skills. The teens are considered a valuable resource for police work when they choose to help law enforcement rather than to join the ranks of cyber-criminals.
Posted on: May 31st, 2013
Internet-based scams are nothing new, in fact, many of them are twists on pre-internet scams made faster and more lucrative for the crooks. It wasn’t too long ago that scammers were using emails that sent computer viruses that would allow them access to the infected computers. When email was a ‘new’ thing, people still opened many of the emails they received. There was little to fear as any links to a website or photos were not seen as a threat. Scammers used this to their advantage, leading to many problems for infected computers and their users.
Then came the spam filters that screened out those emails from the Nigerian prince who needed help and would pay for it. The scammers, not to be outdone, changed their tactics creating more and more unusual ways of getting innocents to click the link and get infected. Then came legislation that put spammer-scammer types on notice. Now, in order for one person to successfully send an email to another person, that person must be in your contacts list or the email ends up getting caught in that spam filter.
Google’s Gmail accounts have one of the most advanced systems in dealing with spam. And they have improved on that system to counter the further efforts of these spammer/scammers. Since the change in security measures meant that the infected emails would never see human eyes, the spammers realized that the only way to reach people through email was if those people were on their contact list. And since the spammer/scammers don’t want to send these emails to their friends and families, their only option was to hack into other Gmail accounts and use those contacts.
But Google stopped that assault dead in its tracks. They added an extra layer of security so that even if the spammers get a password correct, they still have to verify that they are the legitimate owners of the account. Their new ‘risk assessment’ tool determines how likely it is that the person signing on to the account is actually you. This has cut the number of hacked Gmail accounts by 99.7%, another reason to use Google’s email services.
Posted on: May 30th, 2013
A lot of people own Apple’s iPhone, iPad and other phones. Unfortunately the odds are good that some of those people are criminals. Ordinarily, this wouldn’t prove to be a problem save for the seemingly impenetrable Apple iOS security software that prevents police and federal law enforcement officers from gaining access to a criminals’ phone and personal devices. Criminals, like most people who use these modern devices, add contacts, emails, messages from their sources, pictures and GPS information on the places the criminal suspect has been.
Decrypting the security on a criminals’ Apple phone or personal device has become a serious problem for law enforcement. But the iSO security has proven so tough that even the most skilled computer forensics experts have trouble accessing information that could provide key evidence that could be used to prosecute these criminals. It seems that the only ones capable of decrypting an Apple device are the experts at Apple. In fact, Apple has gotten so many requests to aid Police that there is a waiting list of cases from police agencies, the ATF, and Federal Bureaus for cases involving suspects that use Apple products.
One federal agent with the ATF, Rob Maynard attempted for three months to find anyone with the ability to unlock an iPhone 4S, after consulting with several forensic experts he finally went to Apple. Apple can apparently maneuver around the lock and get all the data downloaded to another device. It is that device that the Apple experts give to the authorities.
How Apple succeeds at penetrating the impenetrable is not clear. Some speculate that Apple has created a ‘backdoor’ through which they can get into someone’s phone. It is in Apple’s privacy policy that they will not reveal personal information stored on a customer’s device, unless a request is made by law enforcement or legal process. While most Apple customers don’t have to worry about outsiders gaining access to their phone, criminals are put on notice that Apple will and does provide access to their devices when requested by the authorities.
Posted on: May 28th, 2013
The Google I/O developers conference began at the Moscone Center in San Francisco with quite a bang with the iconic company making quite a few announcements and has also revealed details of numerous new applications and programs which shall be affecting the users directly.
Introduction of an all new Google Play Music Access
One of the most significant announcements is the introduction of a new music service which is known as the Google Play Music Access. The service would cost $9.99 per month and shall allow users to stream music on demand along with creating custom ration stations on the move as well. For users who sign up for the trial by June 30 and then decide to stick with it, the monthly charges shall be reduced to $7.99 only.
The Google+ Enhancements
The second announcement which is making waves is the fantastic new look if the Google +. The new Google+ boasts of a magnificent look and is modern and clean as well. Moreover, it does not feel like a website and seems and acts like an application, which is a good thing today. This all new UI is already rolling out and users who still have not seen it, go and take a look. Apart from sleek looks and better designs, the Google+ also boasts of great enhancements in the photo sections. The section features an Auto Enhance option which figures out exactly what enhancements the uploaded photo needs and applies them automatically to make the photo look really good. The professional and advanced users also have the option of making these enhancements manually. Lastly, the Google+ shall also be able to create animated GIF’s from specified sets of photographs.
All new universal chat service
Google has also gone ahead and integrated the various versions of its chat messengers such as the Google+ Messenger, Google Talk and Gmail Chat. The result of this integration is known as the Hangouts, which is a user friendly and easy to use universal chat system for all Google products.
Google Voice Search for PC’s
Almost all Android users are in love with the Google Voice Search. The good news for PC lovers is that the PC version of the Voice Search is also being launched and works exactly like it does on Andriod.
Upgraded Google Now Systems
The Google Now, a card based information system which was introduced with the Android 4.1 has also got enhancements such as the ability to set intelligent reminders with the help of basic voice commands. The Google Now can also integrate the public transit commute times so that users can get an alert when the last train or bus is about to leave.
Revamped Google Maps
The Google Maps are also being completely revamped and will be boasting of features such as a completely new look, custom made suggestions, reviews from Zagat and area highlights. The maps shall also include a proper tour of the most popular destinations which will include photographs that are user submitted.