Jun 27, 2011

LulzSec leaks classified Arizona law enforcement documents

"We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement," states the latest press release by LulzSec. "We are targeting AZDPS specifically because we are against SB1070 and the racial profiling anti-immigrant police state that is Arizona."

This is the first data drop since the group banded with Anonymous and other "affiliated battleships" and launched Operation Antisec - a call-to-arms to all individuals that share their view of the world to steal and leak any classified government information they can get their hands on.

According to Rob Beschizza, among the leaked documents - many of which are classified as "law enforcement sensitive", "not for public distribution", and "for official use only" - are emails discussing the Mexican government, reports about unusual law enforcement encounters and incident trends, vulnerable targets for terrorists to attack, and more.

The Arizona police spokesman has said that the documents seem to be authentic and that the hackers have probably used compromised email accounts of a number of officers to get them.

In the meantime, the hunt for LulzSec members continues. Topping off the effort put by the authorities, there are hackers who have chosen not to affiliate themselves with LulzSec and have been actively working to disclose the real names of the group's members.

An ex-US military hacker that goes by the handle of Th3J35t3r (The Jester) claims that he has DDoSed www.lulzsecurity.com and discovered details about a LulzSec member that goes by the handle "Sabu". As you might remember, "The Jester" has also previously proved his contempt of WikiLeaks.

Another LulzSec member has, in the meantime, talked to Adrian Chen and expressed his unconcern when it comes to the possibility of being hunted down. He also repeated that the recently arrested Ryan Cleary is not a member of LulzSec, and that he only ran a chat server on which a public LulzSec chat room was hosted.

AT&T hacker pleads guilty

Despite predictions that the two Goatse Security members arrested for the AT&T breach will likely plead not guilty to the charges of identity theft and conspiracy to access a computer without authorization, one of them ended up pleading guilty on both counts.

For all the initial protestations that they compromised the AT&T site only to point out its poor security, Daniel Spitler has had a change of heart and is now awaiting sentencing that is scheduled for the end of September. The maximum sentence for each charge is five years in prison and a $250,000 fine.

Andrew Auernheimer, the other arrested Goatse member, is still out on bail and is expected to be indicted at the end of the year.

According to the NYT, AT&T has offered no comment about the court's decision.

At the time of the breach, the situation raised quite a few questions about the security of AT&T servers, especially because amidst the 114,000 iPad owners' emails and account IDs exposed, there were quite a few belonging to staffers in Senate, Department of Justice, DHS, and other state and federal institutions, various CEOs and media moguls.

Travelodge UK confirms customer database breach

Budget hotel chain Travelodge UK sent its customers an email confirming that their customer database has been accessed by unauthorized individuals and that the collected email addresses have been used in a spam campaign.

According to the warning, the number of affected users is small and no financial information has been compromised. The company's chief executive Guy Parsons emphasized that Travelodge didn't sell the data to third parties.

The company is investigating the breach and has notified the Information Commissioner's Office of it. No further details were shared at this time, but users are warned to be careful of similar or phishing emails.

Demonstrating compliance effectiveness a top priority

71 percent of banks, 72 percent of insurance companies and 84 percent of other financial services organizations believe that demonstrating compliance effectiveness is a top priority, according to Compliance 360.

With the majority of organizations citing the Dodd-Frank Act as the reason for this prioritization, the survey illustrates the high-level of importance placed on establishing effective compliance procedures within the financial services industry.

To help prevent fraud by strengthening oversight, the Dodd-Frank Wall Street Reform and Consumer Protection Act is bringing major changes to the financial services industry. Rather than just providing evidence that compliance programs exist, organizations will need to be able to show proof that their compliance programs actually work.

While many of the regulations stemming from the Dodd-Frank Act are still taking shape, the SEC’s Whistleblower Program is a good indicator of the greater regulatory scrutiny to come. The provision, enacted in May 2011, monetarily rewards people who proactively provide the SEC with information about violations of the federal securities laws.

The SEC has established a framework for evaluating cooperation in determining whether and how to charge these violations, including the potential for reduced sanctions for organizations that have established effective compliance procedures.

Financial services organizations understand the need for compliance strategies and solutions that will help them enhance employee relations, identify gaps, remediate issues and demonstrate compliance effectiveness.

The survey was conducted among compliance professionals in organizations, including banking (traditional banking, lending), financial services (brokerage, investment and wealth management) and insurance (life, property & casualty).

Detailed findings include:

  • 71 percent of banking, 84 percent of financial services and 72 percent of insurance respondents cited demonstrating compliance effectiveness as either “our #1 priority” or “one of our top priorities.”
  • For banking and financial services, the top reasons for this prioritization were “increasing regulatory focus from the Dodd-Frank Act” (52%) and “pressure from regulators or external auditors” (48%).
  • Insurance respondents cited “pressure from internal audit” (50%), “market conduct exams” (45%) and “pressure from regulators or external auditors” (45%) as the major reasons spurring compliance effectiveness.

New evidence-based risk management service

To help enterprises analyze the effectiveness of their data security measures and determine whether they need to be strengthened, Verizon is offering a new evidence-based risk management service that takes the guesswork out of security decision making while putting to work the insight gained from Verizon's Data Breach Investigations Report (DBIR) series.

The offering, Incident Analytics Service (IAS), enables customers to describe, track, analyze and benchmark data breach incident metrics via a Web application that provides access to data from Verizon's historical and ongoing incident analysis research, one of the largest information risk repositories in the world.

Sources of this data include the anonymous and aggregated data from all IAS participants; Verizon's annual "Data Breach Investigations Report;" and information shared freely through the Verizon Enterprise Risk and Incident Sharing (VERIS) application.

The application is a repository for information collected from security incidents that are voluntarily and anonymously reported by participating organizations.

IAS can help enterprises strengthen their security posture, improve risk-management planning and better allocate resources while prioritizing security initiatives based on risk reduction and cost effectiveness. The new service also helps enterprises better understand how their security posture stacks up against peers by providing anonymous benchmarking information on peer security incidents, losses, controls and security spending.

For example, users can review actual information to determine whether they have more or less incidents on average than their peers, or how their incidents differ from their peers in nature or magnitude. Based on this information users can determine what is the optimal short-term and long-term remediation strategy to meet security goals.

Delivered as software-as-a-service, IAS provides customers with timely risk information via its online dashboard, where users can quickly access historical data, as well as analysis, reporting, trending and peer benchmarking information.

Multi-function fingerprint sensor for tablets and notebooks

AuthenTec announced its newest smart sensor for the PC market, the AES2665. Integrated in the TouchStone package module, it gives PC and tablet users security, enhanced aesthetics and touch-powered conveniences including personalization and LED feedback.

The AES2665 sensor module features a bi-color programmable LED to provide users quick visual feedback on sensor functions. Smart sensor features and functions are fully optimized when used on a PC equipped with AuthenTec’s TrueSuite and HP SimplePass 2011 identity management software.

The AES2665 combines a USB2.0 full speed interface with compact size and low voltage, low power operation. This new sensor features AuthenTec’s live layer fingerprint imaging technology and pattern-based matching algorithms.

It offers industry leading performance including Ability-To-Enroll (99 percent) and False Rejection Rate/False Acceptance Rate (less than 1% FRR at 1 in 500,000 FAR). This helps to ensure PC and tablet users are able to easily authenticate with one swipe of the finger while providing very high levels of security.

AES2665 module features:

  • Smart sensor embedded in durable 3.1mm thin, 22mm X 14.6 mm TouchStone package module
  • 4 Pin, 1.0mm pitch FPC connector
  • 192 x 8 pixel sensor array provides 500 DPI resolution
  • 128-bit AES image encryption
  • USB 2.0 Full Speed Interface
  • Multiple battery-friendly operating modes @ 3.3V
  • Integrated low-power finger detection with remote wakeup capability
  • One-time Password (OTP) capability
  • Cursor and menu navigation capability
  • Compatible with AuthenTec TrueSuite and HP SimplePass 2011 software
  • Ultra-hard surface coating offers >8H scratch hardness and withstands >10 million rubs
  • Color variations available (standard color is black).

Jun 17, 2011

Anonymous Hackers hit 50 Malaysian government websites

Malaysia has been hit by a wave of attacks after the "Anonymous" hacker group accused the government of Internet censorship. More than 50 government websites were hit and 41 of them were closed.

The Malaysian Communications and Multimedia Commission (MCMC) said in a statement that the attacks on websites with the .gov.my domain started shortly before midnight Wednesday and lasted several hours. These were denial of service attacks and little damage was caused; apparently most of the websites have already recovered.

Anonymous warned on a website that it would target the government portal www.Malaysia.gov.my on Wednesday. It was still down this morning.

It is interesting that it has only just woken up to this problem. Malaysia's media operate under strict censorship laws. Until now websites have remained relatively free, due to an official pledge not to censor the Internet in a bid to get foreign cash into the country.

XSS attack on CIA (Central Intelligence Agency)

After the DDoS attack on the CIA (Central Intelligence Agency) website by LulzSec, lionaneesh, an Indian hacker, has found an XSS vulnerability on the same site, as shown. The vulnerable link is here. You can join lionaneesh on Twitter.

HP computers FTP hacked by HexCoder

A Pakistani hacker named "HexCoder" claims to have hacked the FTP server of HP computers at ftp.hp.com.

Statement about this hack by the hacker HexCoder: "I have done this by getting access to FTP successfully. All this by just mere stupidity! Oh and I will not share their database because its too big (9 GB)".

Some proofs of the hack submitted by him:

About a month ago, ACER was hacked because of their own stupidity, and this time it is HP computers.

LulzSec leaked passwords come from Writerspace

Following LulzSec's sharing of a list of 62,000+ random login credentials, people who have been looking into it say that some of them are likely to come from the online writing community Writerspace.

As expected, the passwords used most often include “123456”, “123456789” and “password”. But it is the fact that many users have chosen passwords tied to books ("bookworm", "reader", "reading", "booklover", and others) that has fueled that belief.

"It all points in a clear direction; and if you’re still doubtful, perhaps the smoking gun is the fact that 30 people have chosen 'writerspace' as their password," says Darien Graham-Smith.

And the theory was confirmed by Writerspace: "Today an anonymous group of hackers known as LulzSec posted a list of 62,000 e-mail addresses and passwords. That list included about 12,000 e-mail addresses and passwords from Writerspace members."

They are contacting the owners of the affected accounts and say that their techs are working to ensure that their server is as secure as possible. They have also offered some good advice on choosing strong passwords, but I'm not so sure they have been storing the users' passwords as they should have - i.e. encrypted. Well, either that, or their encryption method of choice was weak.

Protect yourself from Olympic phishing scams

Nobody yet knows for certain whether they have been allocated 2012 Olympic event tickets. Until June 24, when confirmations arrive, there remains the risk that some people will have been the victim of cybercrime.

Until this uncertainty and the concern it has created has abated, below are some top tips courtesy of VADition on what to do if you are concerned about the risks you may have been exposed to during the Olympic ticket application process.

1. If an ‘Olympics’ related sum has been taken from your account, do not assume that it is bona fide just because it says ‘Olympics Tickets 2012’ or some other official sounding reference. Contact your bank or card provider to query the origin of the transaction.

2. If you receive any correspondence purporting to be from the Olympics authorities, read it carefully for spelling errors, peculiar language or anything else that doesn’t look quite right. If in any doubt, share the correspondence with the Olympics authorities yourself before accepting that any of the information is true, or following any instructions on it.

3. If you need to access the Olympics ticket website again, do so by entering the full website address manually into your browser window. Do not click any links you have received or used before, as these can be spoofed (i.e. redirect to another address different from the one you see on the page).

4. If your bank or card provider proactively contacts you regarding any specific bank transaction, or about your account in general, remain extremely vigilant to phishing threats and be cautious about disclosing any personal information.

5. Continue to routinely check your bank statements carefully. If your account details have been stolen, it could be some considerable time before the thief decides to take advantage.

6. For more guidance, consider a government endorsed, independent provider of authoritative advice like Get Safe Online. Or consider placing a fraud alert on your credit reports. Your bank should be able to help you do this.

LulzSec discloses 62,000+ random login credentials

LulzSec rampages on.

They claimed they took out cia.gov for a couple of hours tonight, but it's difficult to say whether they really did it or whether the site was made unavailable because of a large number of people trying to access it after seeing the "Tango down - cia.gov - for the lulz" message on the group's Twitter feed.

The group also redirected the incoming phone calls to their dedicated and likely untraceable phone line to online retailer Magnets.com, then the Detroit offices of the FBI, and finally to HBGary offices.

As the latest prank, they made available for download a text document containing 62,000+ emails/passwords and encouraged Internet users to try and use them on various online services and social networks in order to hijack the accounts.

"In return for flooding /b/ this morning, have 62,000 passwords and emails," they said. "The top half is 'password | email', and the bottom half is 'email | password'; these are random assortments from a collection, so don't ask which site they're from or how old they are, because we have no idea. We also can't confirm what percentage still work, but be creative or something."

And judging by the comments of various users, some rose to the challenge. The worst thing is, the file is hosted on MediaFire, and as I'm writing this, is still available for download.

Free web hosting is a boon to phishers

Sometimes it seems that every legitimate service offered online can be misused by phishers, scammers and cyber criminals in general.

Free mail services are abused to send out spam. The Amazon cloud is used by criminals to host malware and mount attacks. Search engines are used to offer poisoned search results and to drive users to malware or scam sites. Social networks are misused to spread malicious links.

Free hosting services are also a boon for scammers, since they need a place to set up malicious sites as quickly as they get pulled down.

There are many such services on the Web, and among them is PasteHtml.com, a free anonymous web hosting service. And although the intentions of the people behind the service are honorable, the site has proven very handy for phishers.

"Try searches on the site for terms such as 'site:pastehtml.com facebook login' or 'site:pastehtml.com paypal'," points out a Zscaler researcher. "Most of the pages are malicious."

And while the service tries to keep pace and take down or block the pages in question - or sets up warnings for users to see when they try to view them - it is a constant race against the clock, not to mention a drain on its resources.

Unfortunately, there is no easy solution for them, and until there is one, users must become accustomed to checking the URL in the address bar in order to be sure they have landed on the right pages.

App that revealed most common iPhone passcodes booted from App Store

Following the publication of the statistics concerning the most common iPhone passcodes that application developer Daniel Amitay has shared on Tuesday, Apple's unsurprising reaction was to remove the app from its App store.

Even though Amitay did not, in fact, collect the users' passcodes, but the passcodes for his "Big Brother" app, and even though Amitay believed that the iTunes EULA allowed him to do so as long as it is in a form that does not personally identify the users, Apple has decided to shoot first and ask questions later.

I can't say that I blame them, and judging by Amitay's blog post, neither does he. "I'll gladly remove the code in question if it is what Apple has a problem with. That said, I had planned on having these common passcodes built into a next update, so as to prompt users not to choose obvious passcodes," he explained.

"I have sent in a new update without the analytics in question, as well as appealing on the grounds that the data in question was specific to my app, and not the iPhone, was anonymous and had no identifying markers, and was for the purpose of improving effectiveness of future updates," he announced.

It now remains to be seen if Apple will accept his reasoning.

Microsoft investigates emerging Internet phone scam

An Internet scam that targets English-language markets costs victims $875 on average, according to Microsoft.

The scam works by criminals posing as computer security engineers and calling people at home to tell them they are at risk of a computer security threat. The scammers tell their victims they are providing free security checks and add authenticity by claiming to represent legitimate companies and using telephone directories to refer to their victims by name.

Once they have tricked their victims into believing they have a problem and that the caller can help, the scammers are believed to run through a range of deception techniques designed to steal money.

To establish the extent of this emerging form of Internet fraud, Microsoft surveyed 7,000 computer users in the U.K., Ireland, U.S. and Canada. The survey showed that across all four countries, 15 percent of people had received a call from scammers. In Ireland this rose to 26 percent.

Of those who received a call, 22 percent, or 3 percent of the total survey sample, were deceived into following the scammers' instructions, which ranged from permitting remote access to their computer and downloading software code provided by the criminals to providing credit card information and making a purchase.

The vast majority (79 percent) of people deceived in this way suffered some sort of financial loss. Seventeen percent said they had money taken from their accounts, 19 percent reported compromised passwords and 17 percent were victims of identity fraud. More than half (53 percent) said they suffered subsequent computer problems.

Across all four countries surveyed, the average amount of money stolen was $875 (U.S.), ranging from $82 (U.S.) in Ireland up to $1,560 (U.S.) in Canada. The average cost of repairing damage caused to computers by the scammers was $1,730 — rising to $4,800 in the U.S.

"The security of software is improving all the time, but at the same time we are seeing cybercriminals increasingly turn to tactics of deception to trick people in order to steal from them," said Richard Saunders, director of International Public and Analyst Relations at Microsoft. "Criminals have proved once again that their ability to innovate new scams is matched by their ruthless pursuit of our money."

While Microsoft's research shows the huge scale of the phone scam issue, at this stage it is believed to only affect countries where the main language is English. However, according to Saunders, it's only a question of time before the scammers acquire skills in other languages and look to expand their operation. "Fake lottery scams and other forms of Internet scams have followed this pattern," Saunders said.

Because phone scammers rely on deception, Microsoft believes the most effective protection lies in consumer education to prevent people from becoming victims in the first place.

The following is Microsoft's advice:

  • Be suspicious of unsolicited calls related to a security problem, even if they claim to represent a respected company.
  • Never provide personal information, such as credit card or bank details, to an unsolicited caller.
  • Do not go to a website, type anything into a computer, install software or follow any other instruction from someone who calls out of the blue.
  • Take the caller's information down and pass it to the authorities.
  • Use up-to-date versions of Windows and application software.
  • Make sure security updates are installed regularly.
  • Use a strong password and change it regularly.
  • Make sure the firewall is turned on and that antivirus software is installed and up to date.

The Microsoft survey showed that 67 percent of people who lost money were able to recover, on average, 42 percent of it. Microsoft advises anyone who thinks they may already have been a victim of a phone scam to do the following:

  • Change their computer's password, change the password on their main email account and change the password for any financial accounts, especially bank and credit cards.
  • Scan their computer with the Microsoft Safety Scanner to find out if they have malware installed on their computer.
  • Contact their bank and credit card companies.

Risk management under pressure

Has the financial services industry reached a comfort zone, placing it in jeopardy of another crisis? Are today’s risk management practices and reporting in tune with existing risk culture and organizational expectations?

Despite lessons learned, reform remains threatened by an imbalance of risk management demands and actual programs and practices in place, according to a recent global risk management survey.

In February and March 2011, the Economist Intelligence Unit (EIU) surveyed 315 executives globally for SAS, the leader in business analytics software and services. Respondents were primarily focused on risk management in banks, capital markets firms and insurers of all sizes from less than $100 million to more than $1 trillion in assets (USD).

While financial institutions initiated some risk management measures to address deficiencies exposed by the financial crisis, risk cultures are ill-prepared for current demands and have been overtaken by competing priorities that encourage growth and profitability without embedded risk strategies.

Because of the cautious overall recovery and recent strong performances in the financial sector, firms have seen increased risk appetites with pressure to expand and boost profits. Respondents are struggling to manage risk, with more than three out of five citing growing complexity in their organizations’ risk exposures.

Two-thirds of respondents say external risks pose a greater challenge to their institutions than internal ones, yet only 52 percent say that their risk management processes are well placed to deal with this volatility and complexity.

The momentum of revamping and strengthening risk management may have peaked since the percentage of respondents is the same compared to last year when questioned about confidence in having a clearly defined risk management strategy. Year on year, the proportion of respondents who are increasing investment in the risk function has fallen slightly across IT, data, training and recruitment.

Silos continue to hamper risk management progress. Although the risk function has been elevated, organizations still lack strong and open relationships between the risk function and lines of business, which need the most improvement. Respondents cite poor communication between departments as a major barrier to effective risk management – whereas last year’s report named future regulation the top concern.

According to the survey, management boards have increased both their risk expertise and demand for risk reporting. More than two in five respondents indicate a rise in the board’s risk expertise and over half report boosted demands for risk reporting, with the retail banking seeing the most. Yet only a minority of institutions appears to be taking steps to upgrade risk reporting, including timeliness, consistency and extent of reporting on emerging risks.

The complete report is available here (registration required).

Protect yourself while surfing the mobile web

Lookout Mobile Security introduced Safe Browsing to protect against online threats when surfing the Web from a mobile device.

Safe Browsing users can feel confident that they can safely access personal information including financial accounts, social networking and donation websites on their mobile device.

The software examines every website in real-time and automatically warns against phishing attempts and unsafe sites—guarding users from identity theft, financial fraud or malware. On a mobile device, because of the small form factor, people are three times more likely to click on a suspicious link than if they are using a PC.

The Lookout Mobile Threat Network protects more than nine million Lookout users daily from downloading or accessing bad applications and will now protect users from phishing attempts and malware sites, safeguarding phones and privacy.

Without impacting the performance of mobile browsing, Lookout’s Safe Browsing reviews every website in real time before the site loads to confirm it is safe. If a user unknowingly clicks on a link to a bad site, Safe Browsing will block access to the site automatically.

“With new devices and quickly evolving 4G networks, it is even easier for people to use their mobile devices to stay connected while on the go, but consumers need to have the confidence to safely surf the Web,” said John Hering, CEO and founder, Lookout Mobile Security. “Safe Browsing leverages our global threat detection network that already protects millions of users from malicious applications. By extending protection with Safe Browsing, mobile consumers can feel safe surfing the web, accessing email and entering other personal information on their mobile device.”

F-Secure Mobile Security 7 protects smartphones and tablets

The mobile world is changing fast. Smartphones and tablet computers are at the cutting edge of technological sophistication and defining what is cool to a new generation of younger users. Mobile devices are now widely used by both children and adults for surfing the Web, keeping in touch with favorite digital communities, and for online transactions.

The security context is also evolving. The Web is constantly growing and according to F-Secure’s Data Security Labs much of its content is harmful or low quality. Many websites now consist of recycled material that spammers attempt to exploit for advertising revenue. This means that mobile devices need better security than ever before, with online security and parental control to prevent children accessing harmful websites taking on an added importance.

Confidential data like photos, emails and passwords are now stored on many mobile devices, also making data loss and identity theft a major concern. According to a recent F-Secure survey, 75% of respondents who had lost a phone said they were more worried about losing the data on their cell phone than the phone itself.

F-Secure Mobile Security 7 is a security solution for smartphones and tablet computers. It provides safe web browsing with parental control, protects confidential content, and makes it possible to locate your device if it is lost or stolen.

The new Parental Control feature in Mobile Security is easy to set up based on the children’s age. It is fully customizable according to 15 content categories, such as adult, chat, dating, drugs and gambling content, which can all be blocked. According to F-Secure’s survey, 77% of respondents would like to filter inappropriate web content if their child is using a smartphone with Internet access.

Mobile Security identifies which websites are safe to enter and which you should avoid. Harmful sites designed to spread malware or to steal your online identity, such as banking details, are automatically blocked to ensure safe browsing.

Globally millions of phones are lost or stolen every year. This is also reflected in F-Secure’s survey results, where 33% of respondents said they had lost a cell phone. With Mobile Security you can remotely locate and lock your lost device and, as a last resort, erase the data to prevent it from falling into the wrong hands.

If someone changes the SIM card, Theft Control locks the phone automatically and the thief’s phone number is reported to you. There is also a Remote Alarm feature to help find that hidden phone under the sofa, even if it’s on silent mode.

Location Sharing is another useful new feature. The user can easily report his or her current location to friends and family. The person holding the device can also be remotely located. This makes it easy to keep tabs on your children, for example making sure that they arrive safely at school. And if a child loses the phone, the device can be remotely locked or wiped by the parents.

F-Secure Mobile Security 7 protects against the harmful apps, malware and viruses that criminals are using to exploit mobile devices for financial gain. As smartphones and other mobile devices become more affordable, they are increasingly used for shopping and other financial transactions. Consequently, mobile devices are also becoming an attractive target and the amount of mobile malware is expected to grow significantly.

Jun 13, 2011

Samsung, Apple to end Nokia's smartphone reign


Samsung Electronics Co Ltd will become the world's largest smartphone maker this quarter, overtaking struggling Nokia Oyj, which has led the market since 1996, Nomura said on Monday.
In the next quarter Nomura sees Apple Inc also overtaking Nokia, pushing the Finnish company to No. 3 in the rankings.
"Nokia looks set to relinquish its smartphone crown to Samsung and Apple," Nomura analysts said in a research note. "Further emphasizing the shift in power to Asia is our forecast for HTC to almost match Nokia during 2012."
Research firms Gartner and Canalys both said they saw Nokia -- which created the smartphone market with its 1996 launch of the Communicator model -- losing smartphone volume leadership later this year.
"If Nokia's new phones are not well received in the third quarter and with the Galaxy S2 ramping up, Samsung might overtake them and become the smartphone leader in Q3," said Gartner analyst Carolina Milanesi.
On Monday Kantar Worldpanel ComTech's survey showed Nokia's share of the British smartphone market -- seen as a key indicator for trends in Europe -- had dropped to 10.6 percent in the 12 weeks to mid-May from 31 percent in the same period a year earlier.
Nokia has lost initiative in the smartphone market to Apple's iPhone and Google Inc's Android devices, and at the lower end to more nimble Asian rivals.
"There is certainly a very close three-way battle going on for top spot in global smartphone volumes between Nokia, Apple and Samsung during the second quarter," said Neil Mawston, analyst at Strategy Analytics.
"With Symbian demand crashing, there is growing opportunity for Samsung or Apple to grab the lead," said Mawston, but said he still expects Nokia to stay ahead in the ongoing quarter.
Overall, Nokia still makes more cellphones than Samsung due to its strong position in basic cellphones and its wider distribution network in emerging countries.
The company is switching to Microsoft Corp's software from its own Symbian platform as part of an overhaul of its phone business set out in February by new Chief Executive Stephen Elop.
On May 31 Nokia abandoned hope of meeting key targets just weeks after setting them, raising questions over whether its new boss can deliver on the turnaround he promised.
Shares in Nokia closed 0.1 percent lower in Helsinki, at 4.33 euros, in line with a slightly softer technology sector.

Facebook looking at IPO in first quarter: report


Facebook is preparing to file for an initial public offering as early as October or November that could value the popular social networking site at more than $100 billion, financial news channel CNBC reported on Monday.
Goldman Sachs is leading the chase to manage the lucrative offering, which could come in the first quarter of 2012, CNBC said.
With more than 500 million users, Facebook is the world's most popular Internet social network and one of the most hotly-anticipated initial public offerings on Wall Street.
Facebook, whose chief operating officer last month told Reuters that an IPO was "inevitable," declined to comment on the latest report about its timing for an offering.
Anticipation about Facebook's future plans comes at a time of heightened investor appetite for shares of fast-growing social networking companies.
Professional networking site LinkedIn Corp launched its own IPO last month, valuing the company at about $7 billion.
Earlier this month, daily deals site Groupon Inc filed to raise up to $750 million in an IPO, fueling speculation that Internet valuations have become too rich.
Founded in a Harvard dorm room in 2004 by the now 27-year-old Mark Zuckerberg, Facebook threatens Internet companies like Google Inc and Yahoo Inc as it becomes a popular online destination for Web surfers and an important marketing channel for advertisers.
Facebook was valued at $50 billion earlier this year when Goldman Sachs invested in the company.
Recent transactions of Facebook shares on the secondary market have valued the company between $78 billion and $81 billion, according to information on the website of Sharespost, an exchange for trading shares in private companies.
Facebook is expected to generate roughly $4 billion in advertising revenue in 2011, up from $1.86 billion a year earlier, according to market research firm eMarketer.

Web host victims repeatedly exploited by cybercriminals

More than one-third of respondents to an Anti-Phishing Working Group (APWG) survey were repeat victims of phishing attacks that resulted in a successful establishment of phishing or spoofing websites on their web server platforms.

Some 37 percent of respondents to the wide-ranging study of website vulnerabilities and administrative responses to exploitation reported that their websites had phishing or spoof sites planted on their web servers two or more times before, a telling statistic that reflects both the persistence of phishers and the difficulties of keeping them at bay.

“Phishers value compromised web sites highly because they are much harder for interveners to take down. They’re confident that they’ll be able to identify and exploit sites, and do so repeatedly. Victims are not mitigating exploits entirely or are not implementing adequate measures to keep them away,” said APWG Research Fellow Dave Piscitello of ICANN.

“Keeping all components of a web site – OS, web server, applications, and content – patch-current and applying the most secure configuration options possible could significantly reduce initial and repeat attacks,” concluded Piscitello.

The APWG’s Internet Policy Committee began an online survey for managers of websites that had been exploited in phishing attacks and other malevolent enterprise nearly 18 months ago. Some 270 completed surveys are included in this first tally and analysis.

The APWG IPC organized this study to understand the web site operating environments that are abused by cybercrime gangs, the nature of the attacks, and actions the victim took in response, to obtain a clearer understanding of attacker methodologies and target preferences.

While the survey results clearly indicate that web sites could benefit from broader implementation of preventative measures to mitigate known vulnerabilities, they also reveal that organizations are not adequately monitoring for anomalous behavior or suspicious traffic patterns that may indicate previously unseen, so-called zero day attacks.

While only one in five victims reported that the attacks were discovered by their own staff, fifty-two percent of respondents were informed of the attack by third-party security companies. Victims indicated that their web hosting service (18%) or the company that was phished (18%) were as likely to notify victims as the organization’s staff.

“You can’t publish active content in Internet time and verify that your protective measures against attacks remain effective. Vulnerability testing, if done at all, is done too infrequently,” lamented Piscitello.

“That nearly 80% of incidents are being detected by third parties tells us that too few organizations take real time monitoring or examination of logs for suspicious activities seriously,” concluded Piscitello.

The full report is available here.

Alleged Spanish, Turkish Anonymous members arrested

News that three Spanish nationals linked to Anonymous have been arrested has been followed by the announcement of the Turkish police that it has detained 32 individuals thought to be connected to the hacktivist group.

The Spanish police have arrested three Spaniards in their early 30s, in Almeria, Barcelona and Valencia, who are thought to have been behind the attacks on the Sony PlayStation online gaming store, and part of the attacks against two Spanish banks, Italian Enel and a number of government sites all over the world (including Spain).

According to the NYT, one of the three arrested men had a computer server in his home which has been tied to the attacks.

During the investigation that led the police to these suspects, police officers went through more than two million chat logs and analyzed the Web pages used by the group. The police believe that the three were not merely participants in the DDoS attacks, but the ones who made decisions and directed the attacks.

Anonymous has responded by launching a DDoS attack against the website of the Spanish police, downing it for a while.

"You have not detained three participants of Anonymous. We have no members and we are not a group of any kind. You have, however, detained three civilians expressing themselves," said the group in a press release. "Arresting somebody for taking part in a DDoS attack is exactly like arresting somebody for attending a peaceful demonstration in their hometown. Anonymous believes this right to peacefully protest is one of the fundamental pillars of any democracy…"

The arrests in Turkey have followed a number of DDoS attacks on sites belonging to the Turkish parliament and the prime minister made in protest against the government's plan to introduce Internet content filtering.

According to IT Pro, 32 individuals from a dozen Turkish cities have been arrested during raids executed by the police, and they have all been taken to the Security Directorate in the capital. No further details about the investigation and the arrested individuals are known.

"Over the last few years, we have witnessed the censorship taken by the Turkish government, such as blocking YouTube, Rapidshare, Fileserve and thousands of other websites. Most recently, the government banned access to Google services," said Anonymous before the attacks against the Turkish government's websites. "These acts of censorship are inexcusable. The internet is a platform for freedom, a place where anyone and everyone can come together, discuss topics, and share information, without the fear of government interference."

IRISS Conference 2011 call for papers

IRISS will hold its second annual conference on Wednesday the 23rd of November 2011 in Dublin. This is an all-day conference which focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and throughout the world and what they can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security share their thoughts and experiences with attendees, while a number of panel sessions will provide the opportunity to discuss the issues that matter most.

Submissions are invited on the following topics:
  • Cyber Crime
  • Cyber Security
  • Incident Response
  • Data Protection
  • Incident Investigation
  • Information Security Threats
  • Information Security Trends
  • Securing the Critical Network Infrastructure.
If you are interested in submitting a presentation proposal for IRISSCON please use the following form and submit to info@iriss.ie by 17:00 GMT on 22nd July 2011.

The following video shows the highlights from our conference in 2010, which over 200 people attended:

Citigroup acknowledges data security breach

Citigroup Inc. has publicly acknowledged a breach of its systems that exposed the data of about 200,000 bank card holders in North America.
Citi said the information stolen by hackers includes account numbers, email addresses, phone numbers and other sensitive data. Details about the breach are scarce. The Financial Times reported the breach was discovered by the bank in early May.
Citi said the breach was contained. The attackers did not have access to other identifying data such as birth dates, Social Security numbers and card expiration dates. The bank said card security codes (CVV) were not compromised.
"We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event," Sean Kevelighan, a U.S.-based spokesman, told Reuters by email.
The breach is one in a string of high-profile data breaches that began with the attack on RSA, The Security Division of EMC Corp. That breach exposed information on its SecurID two-factor authentication product.
Several government contractors including L-3 Technologies, Lockheed Martin and Northrop Grumman have announced attacks on their systems. All of the attacks have been contained. RSA confirmed an element of SecurID was used in the Lockheed attack.
A massive breach at Epsilon Data Management LLC, a firm that handles email messaging for large enterprises, including 150 banks, exposed the names and email addresses of tens of thousands of people. Sony has also been bolstering the security of its systems after several successful attacks exposed the personal information on more than 100 million PlayStation Network and Qriocity accounts.

Microsoft gearing up for disruptive Patch Tuesday

Microsoft appears to be gearing up for a disruptive Patch Tuesday next week.
The software giant’s advance notice, released earlier today, shows a total of 16 bulletins. The majority of the bulletins released are labeled “critical,” the highest rating the company gives. The remaining seven bulletins received an “important” designation.
Of the nine critical bulletins, almost all require a restart and all address flaws that allow remote code execution if not fixed. Most of the fixes address flaws in the operating system and two patch holes in Microsoft’s .NET framework. The second bulletin addresses a Microsoft Silverlight issue.
The bottom seven are similar fare, with most of those bulletins dedicated to fixing vulnerabilities in the Windows operating system; however, two of the important bulletins deal with flaws in Microsoft’s Office software suite of programs.
The important bulletins show much more diversity in terms of the threats they pose: bulletins 13 and 14 are denial-of-service threats, 10 and 15 are information disclosure threats, 12 and 16 are elevation of privilege threats, and 10 is a remote code execution threat.

AppSec adds blocking, virtual patching to database activity monitoring solution

Application Security announced new enhancements to DbProtect. Version 6.3 of this database security solution now includes the ability to block attacks and unauthorized activity in real time. In addition, DbProtect will now include rights management support for DB2 and Sybase environments.

The new blocking feature stops users when inappropriate activity occurs. Blocking is automatically triggered when database activity, the communication between users or applications and the database, violates a customer’s security policy. The feature will be added to the Audit and Threat Management module of DbProtect, the database activity monitoring (DAM) component of the Database SRC platform, and is available for all supported database platforms.

“Today’s cyber threats pose significant risk to the confidentiality of digital information within companies, and blocking adds an additional layer of defense to thwart unauthorized activity,” said Josh Shaul, CTO, AppSec. “DbProtect excels at helping companies prevent attacks, regardless of where they initiate and what paths they take. AppSec already offers proactive measures that short-circuit attacks in their early stages, and now we’re bolstering those capabilities with an active defense. Blocking is a last line of defense against intruders that have managed to slip through other security measures.”

The new blocking feature is an automated incident response that comes equipped with an out-of-the-box set of actions to effectively quarantine accounts that behave inappropriately while immediately alerting appropriate personnel of the violation. DbProtect 6.3 will update its management console to allow users to specify which blocking actions are appropriate under what conditions.

Blocking is powered by AppSec’s leading SHATTER Knowledgebase – the largest and most expansive library of database vulnerability and threats – which is updated with the greatest frequency to provide current protection from continuously changing cyber threats.

Primary use cases for blocking capabilities include:

Privileged user segregation of duties (SoD) enforcement - By enforcing SoD rules on database administrators (DBAs) and other privileged users, personnel responsible for administering the performance of the database system are blocked from accessing information stored in the database that is not relevant to their responsibilities. Organizations can now readily satisfy information security concerns that have become common audit findings.

Virtual patching - It is expensive and difficult to patch databases. In many cases, it’s simply impossible to patch a critical database within a reasonable timeframe. Blocking augments DbProtect’s ASAP Update program – the security update service that keeps its knowledgebase current – to help organizations apply patch protection when a patch hasn’t actually been applied. Virtual patching saves DBAs significant time while dramatically reducing risk.

Data leakage prevention - Organizations are left exposed by not monitoring database activity, or not being able to react quickly enough to the database audit logs they may be collecting. Ironically, most Data Leakage Prevention technologies focus on end-point protection, and are largely ineffective at protecting the database. Blocking unauthorized queries that attempt to extract large amounts of sensitive data ensures that data does not leave the database.

Attack prevention - Exploits of known vulnerabilities or database misconfigurations could easily be mistaken for normal activity by security generalists that lack database experience. Detecting suspicious activity and locking out the user accounts exploited by attackers can halt a database attack before the attacker can get to the data and do real damage.

Jun 11, 2011

Final Space Shuttle Mission Will Feature iPhones


NASA’s final shuttle mission will feature outer space’s first iPhone, tricked out with an app to measure spacecraft radiation levels, orbital location and altitude.
The iOS-based software, called SpaceLab, will come pre-loaded on two iPhone 4s. Testing the software isn’t mission-critical, but it may lead to terrestrial commercial devices being repurposed for space in the near future.
“When Apple added gyros to the iPhone, it suddenly became a small avionics platform,” said Brian Rishikof, CEO of Odyssey Space Research, the company that designed SpaceLab. “You can imagine using it to do backup functions to recover navigational state. If it has any potential life-saving functions, it suddenly becomes a whole different animal.”
Getting any gadget aboard a NASA space shuttle, much less the space agency’s very last mission on July 8, involves a grueling certification process that typically takes up to two years. The device can’t off-gas dangerous chemicals into recycled air, interfere with electronics or otherwise compromise mission performance.
Without relying on wireless communication, SpaceLab can tell astronauts their altitude by analyzing Earth’s curvature, which becomes more pronounced with distance. Sequential photos of Earth’s coastlines, perhaps snapped from the space station’s big window, will give orbital position and spacecraft speed. Letting the phones rest will allow SpaceLab to measure radiation by looking for “single bit upsets,” when radiation smacks into a memory bit and changes its value (from 1 to 0 or 0 to 1).
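The single-bit-upset measurement described above, as an added illustration in C (not the SpaceLab app's code): a memory region is seeded with a known pattern, left alone during the exposure period, and then compared bit by bit against the pattern; every differing bit is reported as an upset and the region is reseeded so the next scan counts only new events. The region size, pattern and injected flip are constructed for the demonstration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One detected upset: which byte, which bit, and the value it now holds. */
typedef struct {
    size_t byte_index;   /* offset of the affected byte in the region */
    int    bit;          /* bit position 0..7 within that byte */
    int    new_value;    /* 1 if the bit flipped 0->1, 0 if it flipped 1->0 */
} sbu_event_t;

/* Seed the region with the reference pattern before the exposure period. */
void sbu_seed(uint8_t *region, size_t len, uint8_t pattern) {
    memset(region, pattern, len);
}

/* Compare the region against the pattern. Returns the total number of
 * flipped bits; the first max_events of them are stored in events
 * (events may be NULL with max_events == 0 when only the count is wanted).
 * A byte with several flipped bits yields one event per bit, so a
 * multi-bit upset shows up as adjacent events in the same byte. */
size_t sbu_scan(const uint8_t *region, size_t len, uint8_t pattern,
                sbu_event_t *events, size_t max_events) {
    size_t total = 0;
    for (size_t i = 0; i < len; i++) {
        uint8_t diff = region[i] ^ pattern;   /* set bits = flipped bits */
        if (diff == 0)
            continue;
        for (int bit = 0; bit < 8; bit++) {
            if (!(diff & (uint8_t)(1u << bit)))
                continue;
            if (events != NULL && total < max_events) {
                events[total].byte_index = i;
                events[total].bit = bit;
                events[total].new_value = (region[i] >> bit) & 1;
            }
            total++;
        }
    }
    return total;
}

/* Rewrite the pattern so that the next scan only counts new upsets. */
void sbu_repair(uint8_t *region, size_t len, uint8_t pattern) {
    memset(region, pattern, len);
}

/* Constructed demonstration: one upset injected by hand (bit 4 of byte 300). */
int main(void) {
    uint8_t region[1024];
    sbu_event_t ev[8];
    const uint8_t pattern = 0xA5;        /* 10100101: mixes ones and zeros */

    sbu_seed(region, sizeof region, pattern);
    region[300] ^= 0x10;                 /* simulated radiation hit */

    size_t n = sbu_scan(region, sizeof region, pattern, ev, 8);
    printf("%zu upset(s) detected\n", n);
    for (size_t k = 0; k < n && k < 8; k++)
        printf("  byte %zu bit %d now %d\n",
               ev[k].byte_index, ev[k].bit, ev[k].new_value);

    sbu_repair(region, sizeof region, pattern);
    return 0;
}
```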
Space station crew can play with the phones until September, when a Russian Soyuz spacecraft takes them back to Earth for analysis.
“We’re attempting to show how a commercial product that millions of people use can function as spaceflight hardware,” Rishikof said. “Once you demonstrate that it’s capable, you begin to wonder what else is possible.”
Before the phone launches into orbit, NASA will review its software one final time. Rishikof said it’s safe to assume a copy of Angry Birds won’t make its way on.
“We don’t want to compromise astronauts’ time,” he said.

Jun 10, 2011

Most organizations experienced data loss

75% of UK organizations experienced data loss in the last year, compared with an average of 77% internationally, according to Check Point.

Key findings from the survey show customer information was the most common type of data to be compromised in UK businesses at 52%, in addition to intellectual property (36%), employee information (36%) and consumer information (35%).

With the adoption of Web 2.0 applications and more mobile devices connecting to the network, organizations are challenged with enforcing better data security and IT Governance, Risk and Compliance (GRC) requirements.

According to the survey of over 450 IT security administrators in the UK, the primary cause for data loss was from lost or stolen equipment, cited by 35% of the UK respondents. Network attacks accounted for a quarter, followed by Web 2.0 and file-sharing applications (22%), and unencrypted USB or media storage devices (19%).

In addition, more than half (53%) of UK respondents surveyed believe their employees have little or no awareness about data security, compliance and policies, with only 19% reporting high awareness of these issues – the third lowest of the five countries surveyed (UK, USA, France, Japan, Australia), highlighting the need for user awareness to be implemented into data protection strategies, as people are often the first line of defense.

“We understand that data security and compliance are often at the top of the CISO’s list. However, if you look at the drivers for data loss, the majority of incidents are unintentional,” said Oded Gonda, vice president of network security products at Check Point Software Technologies. “In order to move data loss from detection to prevention, businesses should consider integrating more user awareness and establish the appropriate processes to gain more visibility and control of information assets.”

"With hundreds of data loss incidents every year - both reported and unreported - it’s no surprise the issues with governance, risk and compliance are being magnified," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. "Data security in a modern day world means more than deploying a set of technologies to overcome these challenges. In fact, the lack of employee awareness is a primary cause in data loss incidents and is encouraging more businesses to educate their users about corporate policies in place."

Cybercriminals targeting sporting events and music festivals

BitDefender identified a series of scams targeting music festival goers, sporting event fans and holidaymakers this summer.

The top summer-themed spam messages for 2011 relate to holiday booking and ticket confirmation. BitDefender’s Online Threats Lab also forecasts a rise in event ticketing scams through rogue websites offering counterfeit tickets.

At a time when it is relatively easy to fall for seasonally-themed spam or rogue websites, the top summer 2011 spam baits include: “Plan a vacation in sunny Virginia Beach”, “69 euro x settimana in Turchia, Spagna, Sardegna, Sicilia!”, “Confirm your ticket” or “Order payment verification”.

If the victim has recently ordered tickets or been researching holiday options, the dangers are twofold. Firstly, malicious e-mail attachments expose the user to worms and Trojans. Secondly, links are included pointing to websites designed to capture financial data.

In the past month, BitDefender has also been monitoring the rise of a summer vishing scam. Typically, the potential victim will receive a telephone call on behalf of a fake travel agency offering the chance to win a holiday to Disneyland.

Once hooked, the victim is asked to log onto a website and complete a form in order to be in with a chance of winning. In reality, the prize is not a luxury visit to a theme park but the theft of credit card data for fraud.

Here's some advice on how to stay safe this summer:

  • Use a reputable website that you were familiar with before the event
  • Research the ticketing website you are using and see what others are saying about it
  • Contact customer services and ask questions such as venue location or seat details
  • Keep up to date with the latest spam and security threats and ensure your computer is protected with up-to-date internet security software.

“In addition to scams resurfacing under new guises, we anticipate a whole new variety to appear this summer. The recipe for a holiday scam is simple - take a few pictures of a tropical island, add some appealing prices, a popular destination and the malicious trap is set,” said Catalin Cosoi, Head of the BitDefender Online Threat Labs. “Others are fooled by rogue ticketing websites, a proportion of which look almost identical to legitimate sites. Over the last two years, people have lost millions of pounds to such scams in exchange for fake tickets, hotel vouchers or the promise of a luxury holiday abroad.”