Comments Off on Rogue Anonymous Member Takes Responsibility For Downing The Ship Of Pirate Bay0LikeLike 569
Two days ago we reported on how Pirate Bay, the leading site for illegal torrents was being attacked by DDoS attacks. However, at the time no one including Pirate Bay knew who the attack was coming from. Leading votes where from the MPAA, RIAA or a Government, after Anonymous claimed it wasn’t them. That’s when the thought came to me that It could be someone(team) that has defected from the collective and that’s what it turned out to be.
Comments Off on Hackers Get 181,000 Medicaid Records And 25,000 SSNs From Utah Department Of Health.0LikeLike 482
On March 30th hackers believed to have been from Eastern Europe, hacked into a vulnerable server within Utah’s Department Of Health. UDOH has said that records were moved to a new server that had a configuration problem which allowed hackers to circumvent the department’s security protocols.
Although the breach occurred on March 30th UDOH waited until last Wednesday to publicly announce that the breach occurred. On Friday they revealed the damage. Hackers made off with 24,000 files. Each file can contain information on hundreds of Medicaid patients. UDOH tallied up all the damage and said that 181,000 patients have had information compromised.
The information that was taken includes patient names, birth dates, addresses, provider information, procedure codes answer social security numbers. The patients affected ranged from children kn Utah’s CHIP program to senior citizens.
At the government technology show, formerly called FOSE, in Washington DC we got a chance to talk with Biometrics Associates. This company has developed some very cool encrypted Bluetooth technologies that are implemented in military and government uses.
Their first product is a card reader that, when attached to a smartphone, allows apps that use Biometrics Associates SDK to be unlocked. The only way to unlock these apps is with the right key card and the right credentials on the keycard. Biometrics Associates offers an SDK where developers can build any kind of protected app.
App uses already in use or in development include email protection apps, phone unlocking apps, tactical planning apps and even apps that are used to protect plans for military equipment. Their technology is approved by the United States Department of Defense and NSA to ensure that it meets the top-secret clearance needed at such a high level.
The other technology they offer is a secure BlueTooth headset. As you’ll learn in the video the secured Bluetooth headset uses its own pairing mechanism so that the default 0000 and 1234 codes don’t work to pair the phone with the headset. In addition once locked to the phone it creates a shield that won’t allow any kind of Bluetooth interruption, penetration or eaves dropping.
The headsets were built to NSA specification so that even the highest level agent in any branch of government can talk securely via Bluetooth headset to another party.
“Today’s CAC user needs secure access to mobile applications”, noted Scott Johnson, BAL Executive Vice President and COO, “but sensitive information – both data and voice – must be protected from multiple points of attack. Imagine a doctor in a DoD hospital making his or her rounds with an Android tablet. This doctor needs CAC authenticated access to the hospital medical records database but also needs to be able to dictate notes into the patient’s record over an encrypted Bluetooth link. We are proud to provide products to make this a reality.”
Anonymous, has in the past shown great “humanitarian” beliefs by going after government sites in which those countries take away the freedom from their people. That is just what Anonymous did yet again by Hacking multiple Chinese related sites. But instead of defacing them, left messages explaining how people in China can have a free internet, without the censorship of it’s dictating Government.
A new Twitter account has been opened just for Anonymous attacks against China, which we have a feeling will start to become very active in response to preventing it’s people from having a free world.
Comments Off on MasterCard And Visa Hack, Work Of Anonymous Again?0LikeLike 737
Both Visa and MasterCard are reporting that over 10 million customers of both Credit Card companies have had their information hacked into.
As a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk
Krebs has been quoted on their Security blog. What they’ve failed to mention though is if this is payback from Anonymous as they have gone after both companies before. Or if this is another group of hackers. Alerts where sent out last week to banks as the Hack happened between Jan. 21 and Feb. 25.
Credit Cards them selves where not the target, however the processing of them was.
We’ve seen in the past that after both companies stopped letting donations to Wikileaks, that Anonymous hacked into both companies. Could this be their doing again is the question.
Both Visa and MasterCard have refused comment on this so far as the investigation is still on going. As well as the fact it’s yet another black eye on both companies as they continue to feel heat from Hackers who continue to go after both companies.
Comments Off on Brazilian Kids Being Tracked By Embedded Computer Chips0LikeLike 645
If the headline sounds like something out of a strange sci-fi movie, well it’s not. This is actually a true story out of Brazil. Grade school students in a northeastern Brazilian city have new uniforms. Those uniforms may look like typical school uniforms but they are not.
Twenty thousand students in a northeastern Brazilian school system are wearing uniform t-shirt embedded with microchips. All 20,000 students attend one of 25 schools in the Victoria da Conquista’s public school system. There are 213 schools in the system and when it’s all said and done 43,000 students aged 4 to 14 will be wearing the chip embedded t-shirts.
The entire program, which cost the school system over $670,000 to implement, is aimed at targeting tardiness and truancy. The chip notifies the parent of the child by text message when their student has entered the school. It also lets them no if the student hasn’t entered the school after 20 minutes with a text message that says “Your child has still not arrived at school”.
The infamous collective of 6 people who became famous last year for websites in which they’ve hacked as well as companies may be back. Or may not be, matters whom you talk to. LulzSec because famous quickly via Twitter for hacking into the likes of Fox’s TV shows and reveling the contestants before the X-Factor even aired. Along with hacks like PBS and others. However, in the last couple of weeks everything seemed to have ended with their “leader” Sabu, who was outed as a FBI informant.
Comments Off on YouTube remotely accesses the camera on your tablet or phone0LikeLike 3,794
According to a “security expert” YouTube can remotely access the camera on your tablet or phone reports Read Write Web via The London Times (paywall). The reason I even paid attention to this was the fact that it was found at the bottom of the article and was mentioned in passing. If this were truly the case, would this not be the headline? With all the discussions of privacy and contacts happening lately certainly this would make waves with different government agencies. This is a very serious accusation to make and yet there is no solid evidence to support this claim; actually the “evidence” provided by the “security expert” uses the description found in the permission description (read below).
In an article about Facebook reading users emails (more on that later) the London Times and RWW accused Google owned YouTube of remotely accessing the camera found on tablets and smartphones. “Facebook, according to the report, joins several high-profile Web firms that have been caught snooping on their customers. Flickr, dating site Badoo and Yahoo Messenger have all been accused of accessing users’ private data, and YouTube can remotely access and operate a smartphone’s camera, security experts told the Times.” We pinged Google for an official statement and received this reply;
This is so silly…it requests the camera permission so you can launch camera to take a video from within the YouTube app. It’s not like the app can turn on your camera without asking you.
The permission being discussed is found in Hardware Controls and reads as follows:
TAKE PICTURES AND VIDEOS
Allows application to take pictures and videos with the camera. This allows the application at any time to collect images the camera is seeing.
The idea that Google or YouTube would give themselves the ability to remotely access your video camera is, well, silly. It illustrates the very real issue that companies are facing when it comes to permissions and users privacy. What is needed is more education regarding permissions and the use of data by these companies.
Comments Off on Wow More iPhone Apps Dipping Into Your Address Book0LikeLike 581
A little over a week ago everyone was up in arms over the fact that Path was stealing people’s address book information.
Path was taking user’s contact information and uploading names, phone numbers and email addresses to their private servers. Path’s CEO Dave Morin, was applauded by many for facing the issue head on, apologizing and fixing it. Even after he was linked to posts when he was at Facebook that showed a similar behavior.
Of course as we expected, once this story broke more apps came out of the woodwork for doing the exact same thing. In Silicon Valley don’t dare throw stones unless you’re ready to break everyone’s windows.
Silicon Alley Insider dug up a handful of other apps that are taking a peak at what you may think is your private address book:
Comments Off on Apple iMessage Fails To Protect Privacy0LikeLike 683
Apple iMessage fails to protect privacy. An Apple employee had his iMessage account accidentally hacked by a flaw in the way Apple currently has their iMessage account hardwired to the users SIM card. The apple employees personal details, communications and pictures have been released to the public via Gizmodo and Business Insider. Imagine if you were him. All your little details of your life being available to an anonymous person that could use that information to blackmail you into doing things you really don’t want to do or ruin relationships you have by exposing private personal or work conversations that are not meant to be public knowledge. The list goes on and on. I’m sure you can think of a few things wrong with this scenario too.
Here’s the short story of what happened. A mothers sons iPhone needed service, she takes it to an Apple store in her area for service, she picks it up with it appearing to be working as it should, they later find out it is somehow receiving a mysterious mans iMessage communication. Apparently it was transmitting an Apple employees information. More of the story can be found from the source links.
Currently Apples iMessage account is tied to the users SIM card. This is bad. Other messaging services have a sign in type account instead that makes this particular problem not happen. I’m sure Apple is going to fix this issue quickly. Anyone glad you’re using an Android device right about now?
Comments Off on Zuckerberg Admits To Making Mistakes While Settling US Regulator Privacy Complaint0LikeLike 657
“I’m the first to admit that we’ve made a bunch of mistakes,”, Mark Zuckeberg said today in regards to settling a privacy complaint by the United States Federal Trade Commission (FTC).
Facebook today agreed to settle complaints by the Federal Trade Commission that they knowingly failed to protect users privacy. They are now subject to a 20 year agreement that requires Facebook to clearly get user consent before sharing material that was previously protected by more restrictive measures. Facebook also agreed to independent reviews of the companies privacy policies.
“Companies must live up to their promises about privacy,” FTC Chairman Jon Leibowitz said on a conference call with reporters. The settlement “will protect consumer choices and ensure they have full and truthful information about their data.”