Group items matching

in title, tags, annotations or url

interesting story with many juicy details on how they proceed ... (similarly interesting nickname for the "operation" chosen by our british friends) "The spies used the IP addresses they had associated with the engineers as search terms to sift through their surveillance troves, and were quickly able to find what they needed to confirm the employees' identities and target them individually with malware. The confirmation came in the form of Google, Yahoo, and LinkedIn "cookies," tiny unique files that are automatically placed on computers to identify and sometimes track people browsing the Internet, often for advertising purposes. GCHQ maintains a huge repository named MUTANT BROTH that stores billions of these intercepted cookies, which it uses to correlate with IP addresses to determine the identity of a person. GCHQ refers to cookies internally as "target detection identifiers." Top-secret GCHQ documents name three male Belgacom engineers who were identified as targets to attack. The Intercept has confirmed the identities of the men, and contacted each of them prior to the publication of this story; all three declined comment and requested that their identities not be disclosed. GCHQ monitored the browsing habits of the engineers, and geared up to enter the most important and sensitive phase of the secret operation. The agency planned to perform a so-called "Quantum Insert" attack, which involves redirecting people targeted for surveillance to a malicious website that infects their computers with malware at a lightning pace. In this case, the documents indicate that GCHQ set up a malicious page that looked like LinkedIn to trick the Belgacom engineers. (The NSA also uses Quantum Inserts to target people, as The Intercept has previously reported.) A GCHQ document reviewing operations conducted between January and March 2011 noted that the hack on Belgacom was successful, and stated that the agency had obtained access to the company's

I knew I wasn't using TOR often enough...

Cool! It seems that after all it is best to restrict employees' internet access only to work-critical areas... @Paul TOR works on network level, so it would not help here much as cookies (application level) were exploited.

Few news events can unleash more schadenfreude within the security community than watching a notorious firm of hackers-for-hire become a hack target themselves. In the case of the freshly disemboweled Italian surveillance firm Hacking Team, the company may also serve as a dark example of a global surveillance industry that often sells to any government willing to pay, with little regard for that regime's human rights record. Scroll down for the commercial. :)) Funny that when I keep complaining about privacy and monitoring, people still point and laugh.

And the direct link to the whole stash: https://ht.transparencytoolkit.org/ Their admin kept a plain text file with passwords on his desktop. Maybe they should have hired someone to do an audit :) More importantly, from the files it follows that this company found and exploited yet another vulnerability in Flash. So the current round of plugin/browser updates is thanks to this hack :)

The vulnerability only seemed to affect some of the more recent versions. Maybe from time to time we should downgrade flash to avoid them :))

nice video how hacking started with telephones ...

nice laptop btw ...

University of Washington researchers have proved that it's possible to use one's thoughts to remotely control another person's body movements.

Why print stuff if you can turn it into an amazing air hockey table! Note, you will probably keep losing...

nice ... hacking a 1024-bit RSA key in 100 hours .... Francesco will like this one

We must enter thr kinect hacks business!! We will hear a lot about this technology in 2011

here we go with the next frontier for hackers .... we should have added a chapter on it on our BMI book :-)

this is what we will really need for the aquarium ....

uups :)

Well, I wouldn't expect a reply: "all our past emails have been downloaded and sold to NASA" even if that was the case.

Of course Marek is right... What matters is the theatre of security, not security itself. Just like in airports :)

In Israel, a new way to hack by turning speakers into microphones.

Randall Munroe is simply the best.

Yeah I remember this comic was tough to hack... With Click and Drag it was peanuts to download all the tiles once you figured out the file name pattern, but with this one some strange server-side event thing was used to feed the images at random time intervals... Nice to be able to see it all finally!

OpenKinect project http://openkinect.org/wiki/Main_Page

Quite funny and interesting (even though I'm not known as a fan of those "gurus".) Site is in German, but interview in English.