Data is assessed by our team members

Investigations can reveal some very sensitive & personal data. This intel is assessed by us & closely guarded, and is used only for the purpose of fulfilling the needs of our clients to achieve the results we are commissioned to undertake.

Team leader heads a group of professional investigators on the ready

We are proud to have access to the finest team members & discreet qualified persons who pride themselves in obtaining results for our clients where others fail.

The latest technology & equipment allow us to keep our finger on the intel pulse

Scientific apparatus & technical staff allow us to get sensitive & useful information for our clients by utilizing the latest technology. The storage, use & availability of this data is handled with great care.

Communications between team members & networks is critical

In these days of worldwide communications being at a peak of efficiency, the task of passing on & receiving information in the blink of an eye becomes possible between our team members & the network we have access to.

Team leader & CEO of the intel agencies group is Donna-Lee Sapiecha Eyers

Donna-Lee is here at her law degree graduation ceremony, proudly supported by her mother Karen, her sister Sharah-Lee & father Henry.

 

YAHOO SPIED ON 500M USERS EMAILS REQUESTED BY FEDERAL AGENCIES

Published on 5 Oct 2016

An unsettling report says Yahoo complied with government requests to scan all incoming user emails, and even wrote a special program to do so. Between this news and the massive data breach, how can consumers trust Yahoo with their privacy?

Henry Sapiecha

New Trump national security adviser shared classified information with Australia

US president-elect Donald Trump’s recently-appointed national security adviser was investigated for inappropriately sharing highly-classified intelligence with Australian forces.

Retired US three-star lieutenant general Michael Flynn, a maverick who spent more than 33 years in US Army intelligence, worked alongside Australian forces in Afghanistan and Iraq.

An outspoken believer in assisting allies on the battleground despite red tape preventing the flow of information, Lt Gen Flynn said the sharing of intelligence with Australian and British forces that left him in hot water was done “with the right permissions”.

“I’m proud of that one,” Lt Gen Flynn told The Washington Post. “Accuse me of sharing intelligence in combat with our closest allies, please.”

His unconventional style and strong resume – he was tapped by US commander in Afghanistan General Stanley McChrystal to be his top intelligence officer and promoted by President Barack Obama as Defence Intelligence Agency director – were obviously attractive to fellow maverick Mr Trump.

Lt Gen Flynn was pushed out of the DIA job after two years in the role and has labelled Mr Obama a “liar”.

His views on the Middle-East are aligned with Mr Trump and both men are prolific users of Twitter.

During the recent presidential campaign Lt Gen Flynn, a registered Democrat, called Mr Trump’s chief opponent, Democrat Hillary Clinton, “the enemy camp” and joined the call to “lock her up” in jail.

He also raised eyebrows when he sat alongside Russian President Vladimir Putin at a lavish party in Moscow last year.

Offering insight into his more open, untraditional philosophy of sharing information, in 2010 he co-wrote the report Fixing Intel: A Blueprint for Making Intelligence Relevant in Afghanistan.

It concluded the US intelligence community “must open their doors to anyone who is willing to exchange information, including Afghans and NGOs (non-governmental organisations) as well as the US military and its allies”.

Lt Gen Flynn has confidently defended the incident that involved passing sensitive information to Australia and Britain.

“The investigation on me was for sharing intelligence with the Brits and Australians in combat, and I’m proud of that one,” Lt Gen Flynn said. “That was substantiated because actually I did it.

“But I did it with the right permissions when you dig into the investigation.”

Lt Gen Flynn said he met with Mr Trump mid-2015 and described the real estate billionaire as a “very serious guy”, “good listener” and possessing similar views.

“I found him to be in line with what I believed,” he told the Washington Post.

Originally published as Trump’s new adviser is seriously scary
Henry Sapiecha

Protect your emails from being spied on by doing this

We live in a post-Edward Snowden world, in which US tech companies have been accused of complicity in mass surveillance by the US National Security Agency. One recent allegation is the claim that Yahoo scanned hundreds of millions of emails at the NSA’s request.

We don’t truly know how much or how often this is happening within the companies that host millions of people’s email accounts.

Yahoo secretly scans emails for US

Yahoo said to have secretly scanned all of its customer emails for US intelligence officials.

According to Reuters, Yahoo was ordered by the secret US Foreign Intelligence Surveillance Court (FISC) to scour emails for a specific string of characters. This is significant, as it required Yahoo to create a custom-built program for real-time surveillance of email traffic.

The power for this type of surveillance was expanded by the US Patriot Act, which allows for the use of secret National Security Letters to compel service providers to hand over customer data. The letters come with gag orders, prohibiting companies like Yahoo from even admitting that they have been ordered to monitor customers.

But email scanning does not only occur at the behest of national security agencies. The past decade has seen the rise of “surveillance capitalism” and “data brokers”, who collect your information for behavioural profiling and targeted advertising.

Google has admitted to scanning emails to deliver targeted advertising and customised search results. Facebook is currently facing legal action for scanning private messages to do the same. And earlier this year Yahoo itself settled a class action lawsuit for scanning non-Yahoo customer emails without consent.

Protecting your privacy

So with all this going on, is it possible to protect your privacy? And if so, how?

One way is through encryption, which allows only the sender and the receiver to read the content of messages, as it converts information into a secret code that requires a key to decode it.

Public-key cryptography is one type of encryption, involving two paired keys – one public and one private. When an encrypted email is sent it is encoded or “locked” with the receiver’s public key. Only the receiver can “unlock” it with their private key.

End-to-end encryption involves encrypting information before it leaves your device, with it only being decrypted once it reaches the receiver’s device. In other words, it is encrypted “at the ends” where the keys are held. This means that security and privacy are not dependent on the channel of communication – in this case the email provider – because if the message is intercepted it cannot be deciphered. This prevents eavesdropping in transit.

There are now numerous services that promise free end-to-end encrypted communication, including ProtonMail, Tutanota, and the messaging app Signal. Look for those with open source code because it enables peer-review, guaranteeing there are no backdoors.

The push-back against encryption

With increased encryption comes more demands from authorities for companies to “unlock” information. The best example may be the Apple-FBI case, which saw the FBI attempt to compel Apple to unlock a suspect’s iPhone. In the end this wasn’t necessary. There has also been a simultaneous rise in companies like Cellebrite who offer digital forensic services to decrypt and extract data.

Therefore, the best services use principles of privacy by design, that limit how much information the service provider themselves can collect or access. ProtonMail and Signal, for example, cannot access their users’ information, no matter how hard they try. If issued with a subpoena all they could provide is the date and time a user registered and the last date of connection.

Partly as a result of this encryption war, some states are considering outlawing encryption entirely. Criminalising encryption has been discussed in the United States, Britain, Australia, and elsewhere.

Tech companies safeguarding secrecy

But not all hope is lost. There is a growing trend of tech companies fighting back and refusing to comply with surveillance orders.

In 2014 Lavabit chose to shut down rather than turn over the private encryption key to a customer’s account. This customer was later revealed to be Edward Snowden. Microsoft has refused to hand over emails stored on its servers in Ireland, arguing that this would constitute an impermissible extraterritorial search by the FBI. And of course, Apple refused to disable inbuilt security features to crack an encrypted iPhone.

This shows that service providers are aware of the importance of developing and maintaining consumer trust in matters of privacy. They are intimately, and commercially, invested in protecting it.

Transparency reports and warrant canaries

Another way companies have attempted to gain trust is through transparency reports that detail the orders they have received from authorities. These can be found on company websites and are often reported in the media. Many of these reports feature a workaround to the restrictions on letting customers know if surveillance has been ordered. Companies simply include a statement that they have not been subject to a secret order. If this statement ever goes missing, customers know an order has been issued. This is known as a “warrant canary”.

Several companies routinely issue transparency reports with warrant canaries. Apple and Reddit have set them off, implying that they have received secret orders to provide data.

The same workaround may not be available in Australia however. Recent data-retention laws introduced journalist information warrants that made it an offence to disclose information about the existence (or non-existence) of the warrant, effectively outlawing warrant canaries for journalists in Australia.

The future

Encryption and transparency reports are some of the last protections that consumers have against both governments and the big tech companies we rely on. As more of our lives transition online, we will need them to protect civil rights and individual privacy. We can’t afford for either to be weakened or outlawed.

There are a couple of challenges under way. NSL statutes and gag orders are currently being challenged by the Electronic Frontier Foundation and members of the US Congress as unconstitutional. Watch this space. The Conversation

Monique Mann is a lecturer at the Crime and Justice Research Centre at Queensland University of Technology in Australia.

Henry Sapiecha

 

I wouldn’t hire James Bond, says real-life British MI6 spy chief

Real MI6 spy chief gives the thumbs down to hiring 007, spy film hero of the silver screen

Actor Daniel Craig poses for photographers on the red carpet at the German premiere of the new James Bond 007 film "Spectre" in Berlin, Germany, October 28, 2015. REUTERS/Fabrizio Bensch/Files

Despite his unrivalled record for single-handedly saving the world from disaster while seducing beautiful women along the way, James Bond would not get a job as a British spy, the head of external intelligence agency MI6 has said.

Alex Younger said real spies had to cope with complex moral and physical challenges in the most forbidding environments on Earth, which would rule out the agent known as 007 because he lacked a strong ethical core.

“In contrast to James Bond, MI6 officers are not for taking moral shortcuts,” Younger said in an interview published on Black History Month, a website dedicated to Britain’s annual celebration of its black culture and heritage.

“It’s safe to say that James Bond wouldn’t get through our recruitment process,” said Younger.

He added that while real MI6 spooks shared Bond’s qualities of patriotism, energy and tenacity, they needed additional values not displayed by the hero of “From Russia with Love”, “Goldfinger”, “Dr. No” or more recently “Skyfall” or “Spectre”.

“An intelligence officer in the real MI6 has a high degree of emotional intelligence, values teamwork and always has respect for the law — unlike Mr Bond.”

(Reporting by Estelle Shirbon; editing by Stephen Addison)

Henry Sapiecha

 

Red Cross data theft: personal info of 550,000 blood donors exposed to the masses

The private lives of half a million Australians – including sexual and medical histories – have been made public in what could be one of the country’s largest data breaches.

Australian Red Cross Blood Service staff are contacting more than 550,000 blood donors whose personal information was contained in a file accidentally placed on an unsecured, public-facing part of their website.

Massive Red Cross breach

A file containing the details of over 550,000 Red Cross blood donors and donor applicants has been leaked. Courtesy ABC News 24.

The information relates to donors from 2010 to 2016 and includes names, addresses and dates of birth as well as sensitive donation eligibility questions concerning sexual activity, drug use, weight and medical conditions.

The Australian Privacy Commissioner will launch an investigation and a human rights lawyer says those affected may be able to make a claim for damages.

The breach of data comes from the Australian Red Cross Blood Service and dates back to 2010. Photo: Dallas Kilponen

A text message sent to people potentially affected by the Red Cross data breach. Photo: Supplied

Red Cross Blood Service chief executive Shelly Park blamed human error by a contractor running the organisation’s website for the breach but said the information was considered to have a low risk of direct misuse in the future.

The data was available online since early September and is believed to have been accessed on Monday, October 24.

Investigations are continuing and the Australian Federal Police and Australian Cyber Security Centre have been informed of the breach.

“On October 26, we learnt that a file, containing donor information, which was located on a development website, was left unsecured by a contracted third party who develops and maintains our website,” Ms Park said.

“The issue occurred due to human error. Consequently, this file was accessed by a person outside of our organisation.”

Ms Park said the organisation had engaged cyber security experts to investigate how it was “caught out” and was in the process of notifying donors affected.

Donors affected have been warned there is an increased risk to their online security and that they should be on the lookout for phone and email scams.

“We are extremely sorry. We are deeply disappointed to have put our donors in this position,” Ms Park said.

Microsoft employee and technology blogger Troy Hunt, who runs a data breach notification service, reported the person who gained access to the information had contacted him, revealing Mr Hunt’s own personal details and a 1.74GB data file containing the records.

His name, email, gender, date of birth, phone number and date of last donation were disclosed in the file.

This was also the case with his wife, whose file also contained her blood type and their home address.

“The database backup was published to a publicly facing website. This is really the heart of the problem because no way, no how should that ever happen,” he wrote in a blog post.

Mr Hunt said he had deleted his copy of the information and the person who gave it to him had agreed to do the same. The Red Cross said, to their knowledge, “all known copies of the data have been deleted”.

Some exposed data could contain the highly sensitive eligibility questions, including: “In the last 12 months, have you engaged in any at-risk sexual behaviour?”

Donors are also asked if they have ever injected recreational drugs, are on antibiotics, if they are under or overweight and if they have undergone any surgical procedures.

Australian Privacy Commissioner Timothy Pilgrim announced a probe into the breach on Friday afternoon.

“I will be opening an investigation into this matter and will work with the Red Cross to assist them in addressing the issues arising from this incident.

“The results of that investigation will be made public at its conclusion,” he said in a statement.

“My office encourages voluntary notification of data breaches, particularly where there is a risk to an individual as a result of a breach.”

Human Rights lawyer George Newhouse said the privacy commissioner had the power to order damages and apologies.

Adjunct Professor Newhouse also said his office was considering mounting legal action for those affected.

“We’re looking into a class action on behalf of those who have had their data unlawfully accessed,” he said.

“On the basis that they’ve had their privacy breached.”

Even basic personal information could lead to identity fraud but it was worse for anyone whose sexual or medical history had been compromised, he said.

“This is highly sensitive personal information that could cause enormous embarrassment to people in their personal and work lives. This incident highlights how vulnerable organisations and individuals are to unauthorised access.”

A Health Department spokeswoman said she was confident the blood service would recover.

“The ARCBS is a long-standing institution who are charged with ensuring a viable donor base, safe collection, processing and distribution of blood and blood products,” she said.

“We are confident that the ARCBS will be able to recover from this incident, build the confidence of the donor base and ensure that the safety and security of their systems are robust and compliant with privacy and confidentiality requirements.”

The AFP and the Australian Cyber Security Centre referred questions about their involvement to the Health Department.

If people have privacy concerns about this incident they can contact the privacy commissioner’s office for free confidential advice on enquiries@oaic.gov.au or 1300 363 992 or contact the Red Cross Blood Service through a dedicated hotline.

Henry Sapiecha

How to build defenses against the internet’s doomsday of DDoS attacks

Last week’s assault on Dyn’s global managed DNS services was only the start. Here’s how to fend off hackers’ attacks both on your servers and the internet.

We knew major destructive attacks on the internet were coming. Last week the first of them hit Dyn, a major Domain Name System (DNS) service provider, with a global Distributed Denial of Service (DDoS) attack.

As Dyn went down, popular websites such as AirBnB, GitHub, Reddit, Spotify, and Twitter followed it down. Welcome to the end of the internet as we’ve known it.

Up until now we’ve assumed that the internet was as reliable as our electrical power. Those days are done. Today, we can expect massive swaths of the internet to be brought down by new DDoS attacks at any time.

We still don’t know who was behind these attacks. Some have suggested, since Dyn is an American company and most of the mauled sites were based in the US, that Russia or Iran was behind the attack.

It doesn’t take a nation, though, to wreck the internet. All it takes is the hundreds of millions of unsecured shoddy devices of the Internet of Things (IoT).

In the Dyn onslaught, Kyle York, Dyn’s chief strategy officer, said the DDoS attack used “tens of millions” of devices. Hangzhou Xiongmai Technology, a Chinese technology company, has admitted that its webcam and digital video recorder (DVR) products were used in the assault. Xiongmai is telling its customers to update their device firmware and change usernames and passwords.

Good luck with that. Quick: Do you know how to update your DVR’s firmware?

The attack itself appears to have been made with the Mirai botnet. This open-source botnet scans for devices using their default username and password credentials. Anyone can use it — China, you, the kid next door — to generate DDoS attacks. For truly damaging DDoS barrages, you need to know something about the internet’s architecture, but that’s not difficult.

Or, as Jeff Jarmoc, a Salesforce security engineer, tweeted, “In a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.” That’s funny, but it’s no joke.

Fortunately, you can do something about it.

Securing the Internet of Things

First, and this unfortunately is a long-term solution, IoT vendors must make it easy to update and secure their devices. Since you can’t expect users to patch their systems — look at how well they do with Windows — patching must be made mandatory and done automatically.

One easy way to do this is to use an operating system, such as Ubuntu with Snap, to update devices quickly and cleanly. These “atomic” style updating systems make patches both easier to write and deploy.

Another method is to lock down IoT applications and operating systems. Just like any server, the device should have the absolute minimum of network services. Your smart TV may need to use DNS, but your smart baby monitor? Not so much.

That’s all fine and dandy and it needs to be done, but it’s not going to help you anytime soon. And, we can expect more attacks at any moment.

Defending your intranet and websites

First, you should protect your own sites by practicing DDoS prevention 101. For example, make sure your routers drop junk packets. You should also block unnecessary external protocols such as Internet Control Message Protocol (ICMP) at your network’s edge. And, as always, set up good firewalls and server rules. In short, block everything you can at your network edge.

Better still, have your upstream ISP block unnecessary and undesired traffic. For example, your ISP can make your life easier simply by upstream blackholing. And if you know your company will never need to receive UDP traffic, like Network Time Protocol (NTP) or DNS, your ISP should just toss garbage traffic into the bit bin.

You should also look to DDoS mitigation companies to protect your web presence. Companies such as Akamai, CloudFlare, and Incapsula offer affordable DDoS mitigation plans for businesses of all sizes.

As DDoS attacks grow to heretofore unseen sizes, even the DDoS prevention companies are being overwhelmed. Akamai, for example, had to stop trying to protect the Krebs on Security blog after it was smacked by a DDoS blast that reached 620 Gbps in size.

That’s fine for protecting your home turf, but what about when your DNS provider gets nailed?

You can mitigate these attacks by using multiple DNS providers. One way to do this is to use Netflix’s open-source program Denominator to support managed, mirrored DNS records. This currently works across AWS Route53, RackSpace CloudDNS, DynECT, and UltraDNS, but it’s not hard to add your own or other DNS providers. This way, even when a DDoS knocks out a single DNS provider, you can still keep your sites up and running.

Which ones will work best for you? You can find out by using Namebench. This is an easy-to-use, open-source DNS benchmark utility.

Even with spreading out your risk among DNS providers, DNS attacks are only going to become both stronger and more common. DNS providers like Dyn are very difficult to secure.

As Carl Herberger, vice president for security solutions at Radware, an Israeli-based internet security company, told Bloomberg, DNS providers are like hospitals: They must admit anyone who shows up at the emergency room. That makes it all too easy to overwhelm them with massive — in the range of 500 gigabits per second — attacks. In short, there is no easy, fast fix here.

One way you can try to keep these attacks from being quite so damaging is to increase the Time to Live (TTL) in your own DNS servers and caches. Typically, today’s local DNS servers have a TTL of 600 seconds or 5 minutes. If you increased the TTL to say 21,600 seconds or six hours, your local systems might dodge the DNS attack until it was over.
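The TTL trade-off above, as an added example that is not part of the original article: a simplified model of one cached record (no serve-stale, no negative caching) looked up at a fixed interval. The outage windows and lookup interval are constructed values; the third scenario covers the case where the cached entry expires partway through the outage, which is why a long TTL only "might" help.

```python
"""Model of a local cache riding out an upstream DNS outage.

Added illustration. All times are in seconds. The resolver is simplified:
one record, refreshed from the authoritative provider only when the cached
copy has expired, and a lookup fails when the copy has expired while the
provider is unreachable.
"""


def simulate(ttl, outage, duration, interval=60):
    """Replay lookups every `interval` seconds for `duration` seconds.

    ttl      -- lifetime of the cached record
    outage   -- (start, end) window in which the provider is unreachable
    Returns counts of cache hits, successful refreshes and failed lookups.
    """
    outage_start, outage_end = outage
    expires_at = None  # cache starts empty
    stats = {"cache_hit": 0, "refreshed": 0, "failed": 0}

    for now in range(0, duration, interval):
        if expires_at is not None and now < expires_at:
            # Cached copy is still valid: the outage is invisible to clients.
            stats["cache_hit"] += 1
        elif outage_start <= now < outage_end:
            # Copy expired and the provider cannot be reached.
            stats["failed"] += 1
        else:
            # Copy expired (or never fetched) and the provider answers.
            expires_at = now + ttl
            stats["refreshed"] += 1
    return stats


# Constructed scenarios (not measurements from the Dyn incident).
HOUR = 3600
SCENARIOS = {
    # Two-hour outage starting one hour in, four hours of lookups.
    "short_ttl": dict(ttl=600, outage=(1 * HOUR, 3 * HOUR), duration=4 * HOUR),
    "long_ttl": dict(ttl=21600, outage=(1 * HOUR, 3 * HOUR), duration=4 * HOUR),
    # Same long TTL, but the outage spans the moment the entry expires
    # (fetched at t=0, expires at hour 6, outage from hour 5 to hour 8).
    "long_ttl_expires_mid_outage": dict(
        ttl=21600, outage=(5 * HOUR, 8 * HOUR), duration=12 * HOUR
    ),
}


def run_scenarios():
    """Return {scenario name: stats} for the constructed scenarios."""
    return {name: simulate(**params) for name, params in SCENARIOS.items()}


if __name__ == "__main__":
    for name, stats in run_scenarios().items():
        print(f"{name:30s} {stats}")
```

A longer TTL also means a changed record takes that much longer to reach cached clients, so it is a setting to weigh per record rather than raise everywhere.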

Protecting the internet

While these techniques might help you, they don’t do that much to protect the internet at large. DNS is the internet’s single point of total failure. That’s bad enough, but as F5, a top-tier ISP notes, DNS is historically under-provisioned. We must set up a stronger DNS system.

ISPs and router and switch vendors should also get off their duffs and finally implement Network Ingress Filtering, better known as Best Current Practice (BCP)-38.

BCP-38 works by filtering out bogus internet addresses at the edge of the internet. Thus, when your compromised webcam starts trying to spam the net, BCP-38 blocks these packets at your router or at your ISP’s router or switch.

It’s possible, but unfortunately not likely, that your ISP has already implemented BCP-38. You can find out by running Spoofer. This is a new, open-source program that checks to see how your ISP handles spoofed packets.

So why wasn’t it implemented years ago? Andrew McConachie, an ICANN technical and policy specialist, explained in an article that ISPs are too cheap to pay the small costs required to implement BCP-38.

BCP-38 isn’t a cure-all, but it sure would help.

Another fundamental fix that could be made is response rate limiting (RRL). This is a new DNS enhancement that can shrink attacks by 60 percent.

RRL works by recognizing that when hundreds of packets per second arrive with very similar source addresses asking for similar or identical information, chances are they’re an attack. When RRL spots malicious traffic, it slows down the rate the DNS replies to the bogus requests. Simple and effective.
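A simplified model of the RRL decision described above, added here as an example and not taken from any DNS server's code: replies are counted per one-second window for each (source netblock, query name, query type), and once over the limit only every `slip`-th reply is sent, truncated, so a genuine client can retry over TCP. The class, parameter names, limits and sample traffic are assumptions constructed for illustration.

```python
"""Simplified DNS response rate limiting (RRL) decision logic."""
import ipaddress
from collections import Counter, defaultdict


class ResponseRateLimiter:
    def __init__(self, responses_per_second=5, slip=2,
                 v4_prefix=24, v6_prefix=56):
        self.rate = responses_per_second
        self.slip = slip            # 0 disables truncated replies entirely
        self.v4_prefix = v4_prefix
        self.v6_prefix = v6_prefix
        # key -> [window, answered, limited]; a production limiter would
        # also expire idle entries to bound memory.
        self._state = {}

    def _key(self, src_ip, qname, qtype):
        # Group by netblock, not single address: spoofed sources in an
        # attack tend to be "very similar", as the article puts it.
        addr = ipaddress.ip_address(src_ip)
        plen = self.v4_prefix if addr.version == 4 else self.v6_prefix
        net = ipaddress.ip_network(f"{src_ip}/{plen}", strict=False)
        return (str(net), qname.lower().rstrip("."), qtype.upper())

    def decide(self, now_ms, src_ip, qname, qtype):
        """Return 'answer', 'truncate' or 'drop' for one incoming query."""
        key = self._key(src_ip, qname, qtype)
        window = now_ms // 1000
        state = self._state.get(key)
        if state is None or state[0] != window:
            state = self._state[key] = [window, 0, 0]
        if state[1] < self.rate:
            state[1] += 1
            return "answer"
        state[2] += 1
        # Every slip-th limited reply goes out truncated (small, and a real
        # client will retry over TCP); the rest are silently dropped.
        if self.slip and state[2] % self.slip == 0:
            return "truncate"
        return "drop"


def build_sample_traffic():
    """Constructed traffic: (time_ms, source, qname, qtype, label)."""
    queries = []
    # 200 queries/second for 3 seconds, sources spread across one /24
    # (documentation range), all asking for the same large record set.
    for i in range(600):
        src = f"198.51.100.{i % 254 + 1}"
        queries.append((i * 5, src, "example.com", "ANY", "attack"))
    # An ordinary client elsewhere, one lookup per second.
    for second in range(3):
        queries.append((second * 1000, "203.0.113.7",
                        "www.example.com", "A", "legit"))
    # A genuine host inside the abused /24 asking a different question.
    queries.append((500, "198.51.100.20", "www.example.com", "A", "legit"))
    return sorted(queries, key=lambda q: q[0])


def replay(queries, limiter):
    """Run queries through the limiter; return {label: Counter(decisions)}."""
    outcome = defaultdict(Counter)
    for now_ms, src, qname, qtype, label in queries:
        outcome[label][limiter.decide(now_ms, src, qname, qtype)] += 1
    return dict(outcome)


if __name__ == "__main__":
    for label, counts in replay(build_sample_traffic(),
                                ResponseRateLimiter()).items():
        print(label, dict(counts))
```

Because the key includes the query name and type, the genuine host inside the abused /24 is still answered; only replies matching the flooded question are limited.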

Those are some basic ideas on how to fix the internet. It’s now up to you to use them. Don’t delay. Bigger attacks are on their way and there’s no time to waste.

Henry Sapiecha

Middle Eastern hackers employ this phishing technique to infect political targets with Trojan malware

‘Moonlight’ group is likely to be involved in cyber espionage, warns Vectra Networks.

White full moon atmosphere with star at dark night sky background

The hacking group has been dubbed Moonlight due to references in code

A hacking group is conducting cyber espionage against targets in the Middle East by duping politicians, activists and staff at NGOs into clicking links to authentic-looking but fake versions of high-profile websites in the region, and then infecting them with malware.

The operation — dubbed ‘Moonlight’ by cyber security researchers, after the name the attackers chose for one of their command-and-control domains — has generated over two hundred samples of malware over the past two years and targets individuals via their private email accounts instead of their corporate ones, to increase the chances of a successful attack.

The attacks, which are themed around Middle Eastern political issues such as the war in Syria or the conflict in Palestine, have been unearthed by cybersecurity researchers at Vectra Networks, who say the tools and targets are reminiscent of the Gaza Hacker Team, a group of hacktivists said to be aligned with Hamas, the Palestinian militant Islamic group. The attacks are purely centered on Middle Eastern targets, with the text crafted in Arabic.

Moonlight typically delivers an obfuscated version of the widely available H-Worm, a malicious Visual Basic Script-based remote access Trojan. It isn’t sophisticated, but the effort the attackers put into their phishing attacks means that it’s effective.

“They put effort into lovingly crafting the emails, the websites, the documents they’ve created, putting a fair amount of effort and energy into it. But beyond that the underlying tech is off the shelf,” says Oliver Tavakoli, CTO at Vectra Networks, emphasizing how the attackers don’t need sophisticated hacking skills.

“It teaches you about the low degree of skill required to actually pull something like this off,” he adds.

As with other phishing schemes, those behind Moonlight are attempting to entice their target to click on malicious documents, which claim to contain information about issues and events in the Middle East, such as Hamas, Gaza, Syria, Egypt and other topics relevant to audiences in the Arab world.

A decoy report on people trafficking.

Image: Vectra Networks

The lure is deployed as an EXE file, but rather than doing nothing but install malware when clicked on, Moonlight presents the victim with a relevant decoy, therefore avoiding suspicion that the document may be malicious.

Another method the attackers use to deploy malware is via malicious links that lead to fake but convincing versions of authentic Middle Eastern media organizations’ websites. Typically deploying the link via a shortened URL, the user is invited to click through to a news article based on current events in the Middle East. While it looks like the real deal, users will find themselves infected with malware.

The end result in each of these two attacks is that the victim — of which there have been hundreds — becomes infected with a Trojan that’s most likely used to conduct espionage. But rather than infecting corporate environments, it’s the personal email addresses and therefore home networks of victims which have been targeted, because they represent more vulnerable targets — and that’s reflected in the unsophisticated nature of the malware itself.

“The obscuring that they did wasn’t of network communications, but of the actual exploit and malware they delivered. That leads me to believe that it’s not really targeted at employees of companies, but more at end users — politicians using their private emails or private machines, activists in the Middle East and NGOs,” says Tavakoli.

While the endgame of Moonlight and who is ultimately pulling the strings remains unknown, the group behind it is still active and still targeting individuals interested in political issues in the Middle East.

While those outside the Middle East aren’t likely to be targeted by Moonlight, it serves as a reminder that a well-crafted phishing attack can be almost indistinguishable from a real email. Nonetheless, there are still ways that targeted users and organizations can fight back.

Henry Sapiecha

The Dyn report: What we know so far about the planet’s biggest DDoS attack yet

The Internet of Things has been proven to be just as dangerous as we feared, with an assault from tens of millions of internet addresses clogging up the works.

We don’t know all the answers about the Distributed Denial of Service (DDoS) attack that blew away Dyn and its clients, but here’s what we do know.


That innocent webcam on your desk may have attacked the internet.

First, there was nothing — nothing — surprising about this attack. As Paul Mockapetris, creator of the Domain Name System (DNS), said, “The successful DDoS attack on DYN is merely a new twist on age-old warfare. … Classic warfare can be anticipated and defended against. But warfare on the internet, just like in history, has changed. So let’s take a look at the asymmetrical battle in terms of the good guys (DYN) and the bad guys (Mirai botnets), and realize and plan for more of these sorts of attacks.”

This new twist came from the Internet of Things (IoT). Surprised? Please. We knew all along that not only could the IoT be used to attack networks, it would be used to target the internet.

IoT vendors must improve their security. Or, as Lyndon Nerenberg, an internet engineer, said on the mailing list of the North American Network Operators Group (NANOG), the professional association for internet engineering, architecture, and operations, “The way this will get solved is for a couple of large ISPs and DDoS targets to sue a few of these IoT device manufacturers into oblivion.”

IoT vendors know this. Hangzhou Xiongmai Technology, the Chinese technology company that admitted its webcam and digital video recorder (DVR) products were used in the assault and recalled its webcams, is also threatening legal action against those that try to attach blame for the attack to its gear.

Of course, the ISPs and DNS providers deserve much of the blame as well. Their failure to implement network ingress filtering (Best Current Practice 38, or BCP 38) and response rate limiting (RRL) played a large role in making the attacks possible.
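To make the two controls named above concrete, here is an added sketch (not code from the article or from Dyn) of a BCP 38 source-address check at a customer-facing interface and a simplified per-network response rate limiter. The interface names, prefixes and rate values are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed provisioning table: customer-facing interface -> prefixes assigned
# to it. Names and prefixes are hypothetical (RFC 5737 documentation ranges).
ASSIGNED = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/25")],
    "cust-b": [ipaddress.ip_network("198.51.100.0/24")],
}

def ingress_permits(interface, src_ip):
    """BCP 38: forward a packet only if its source address lies inside a
    prefix assigned to the interface it arrived on; otherwise it is spoofed."""
    src = ipaddress.ip_address(src_ip)
    return any(src in net for net in ASSIGNED.get(interface, []))

class ResponseRateLimiter:
    """Simplified RRL: one token bucket per (client /24, answer) pair, so a
    flood of identical answers toward one network is capped while other
    clients keep getting responses. IPv4 only in this sketch."""

    def __init__(self, per_second=5, burst=5):
        self.rate, self.burst = per_second, burst
        # bucket state: (tokens remaining, time of last update)
        self.buckets = defaultdict(lambda: (float(burst), 0.0))

    def allow(self, client_ip, answer, now):
        block = ipaddress.ip_network(f"{client_ip}/24", strict=False)
        tokens, last = self.buckets[(block, answer)]
        # refill for the elapsed time, never above the burst size
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1.0:
            self.buckets[(block, answer)] = (tokens, now)
            return False  # drop the response instead of sending it
        self.buckets[(block, answer)] = (tokens - 1.0, now)
        return True

def count_allowed(limiter, client_ip, answer, times):
    """How many of the queries arriving at `times` would be answered."""
    return sum(limiter.allow(client_ip, answer, t) for t in times)
```

The ingress check stops forged source addresses at the network edge; the limiter bounds how much response traffic a DNS server will send toward any one client network.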

The attacks themselves were in large part, as expected, driven by a Mirai botnet. Kyle York, Dyn’s chief strategy officer, reported, “The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.”

Let that sink in for a minute. Tens of millions of IP addresses. DDoS attacks of this size were unheard of even six months ago.


The attack itself came in three waves. York stated, “At 7:00 am ET, Dyn began experiencing a DDoS attack. While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different. Approximately two hours later, the NOC team was able to mitigate the attack and restore service to customers. After restoring service, Dyn experienced a second wave of attacks just before noon ET. This second wave was more global in nature (i.e. not limited to our East Coast [Points of Presence] POPs), but was mitigated in just over an hour; service was restored at approximately 1:00 pm ET. Again, at no time was there a network-wide outage, though some customers would have seen extended latency delays during that time.”

This understates the problem. Globally, users reported problems for hours afterward and many Dyn-supported sites were unavailable until the late afternoon.

Finally, “there was a third attack attempted, we were able to successfully mitigate it without customer impact.”

That ended the largest DDoS attack of all time… so far. More will be coming.

As York concluded, “It is said that eternal vigilance is the price of liberty. As a company and individuals, we’re committed to a free and open internet, which has been the source of so much innovation. We must continue to work together to make the internet a more resilient place to work, play and communicate.”

If we don’t, the internet will fail.


Henry Sapiecha

FBI Tells Law Enforcement Police To Hide Phone Tracking of People



Your local police may use a controversial piece of technology—ominously dubbed a stingray—to track your phone. But, the FBI is taking pains to make sure you never find out. The agency encourages police to find additional evidence so that stingray technology never comes up in court, according to a new memo.

It’s no secret that law enforcement agencies scattered around the country use such devices—known as IMSI catchers, or colloquially “stingrays”—which mimic cellphone towers and collect data, like phone numbers and location, from everyone in their vicinity. But that’s not because the FBI isn’t trying to hide that fact. The agency is so keen on keeping the devices from the public that it asks local police departments to sign nondisclosure agreements about their stingrays—leading some cops to try withdrawing cases that rely on stingrays for evidence.

But thanks to an open records request from the investigative journalism nonprofit Oklahoma Watch, there’s finally evidence that this is the FBI’s specific plan. In a 2014 memo from FBI Special Agent in Charge James Finch to Oklahoma City Police Department Chief William Citty, the bureau issued very specific guidelines.

“Information obtained through use of this equipment is for LEAD PURPOSES ONLY, and may not be used as primary evidence in any affidavits, hearings or trials. This equipment provides general location information about a cellular device, and your agency understands it is required to use additional and independent investigative means and methods, such as historical cellular analysis, that would be admissible at trial to corroborate information concerning the location of the target obtained through use of this equipment.”

The memo reflects the controversial practice known as parallel construction, in which a law enforcement agency collects evidence on a suspect without first bothering with a warrant, as that evidence likely wouldn’t be admissible in court. Armed with that information, agents or officers build a strong enough case with legally admissible evidence that they never need to tell the court about that earlier information.

A 2013 Reuters report on the practice, for example, found that the U.S. Drug Enforcement Agency routinely receives intelligence from various intelligence services, including the NSA, about where to find a suspected criminal, and that the DEA would then be expected to work backward from there. “You’d be told only, ‘Be at a certain truck stop at a certain time and look for a certain vehicle.’ And so we’d alert the state police to find an excuse to stop that vehicle, and then have a drug dog search it,” one DEA agent said.

“This is the first time I have seen language this explicitly calling for parallel construction to conceal evidence derived from Stingray use,” Nate Wessler, a staff attorney at the ACLU who specializes in stingray use, told Vocativ.

“[T]his goes the outrageous extra step of ordering police to actually engage in evidence laundering,” he said. “As a result, defendants are denied their right to challenge potentially unconstitutional surveillance and courts are deprived of an opportunity to curb law enforcement abuses.”

Though stingray use in the U.S. has largely existed without much public knowledge, that scenario is quickly changing. In March, an appellate court ruled for the first time that it’s illegal for police to use stingrays without first getting a warrant.

The FBI didn’t respond to a request for comment.


Henry Sapiecha

This Algorithm & Robots Decides Crime Cases Almost As Well As A Judge

A Robotic computer program could help relieve the massive backlogs facing the world’s highest courts


A computer algorithm took on the work of real human judges and did a pretty good job, predicting the decisions of one of Europe’s highest courts with 79 percent accuracy. The finding suggests artificial intelligence could help the world’s busiest courts work through their massive backlog of cases, even if an algorithm isn’t about to take up a digital gown and gavel and start actually deciding cases.

The AI analyzed cases tried before the European Court of Human Rights, which hears cases from people and groups who claim their civil or political rights have been violated in their home countries. An international team of computer scientists worked with a legal scholar to determine just how well AI could predict the court’s ultimate judgement based on how the written decision described the factual background of the case and the arguments of the parties involved. They found it agreed with the judges’ decision four of five times — and that the underlying facts of the case were by far the best predictor of the outcome of a case, rather than any of the more abstract legal arguments.

“The fact that we can get this accuracy, it means that there are some consistent patterns of violations that lead to overturning the [previous court’s] decision,” University of Pennsylvania computer scientist Daniel Preoţiuc-Pietro told Vocativ.

That suggests the court is typically less concerned with parsing philosophical questions of whether a specific instance is a human rights violation than it is determining how that situation fits into their already defined categories of violations. Preoţiuc-Pietro pointed to the example of people who allege mistreatment in prison as a situation that typically led to decisions in those people’s favor. “That’s definitely more likely for the court to actually accept that the state made a mistake and the people involved were actually justified,” he said.


The AI used what’s known as natural language processing to analyze the cases. This particular method involved looking at the text of a decision as a big bag of words, not worrying about any particular word order or grammar. Instead, the AI looked at what individual words and combinations of two, three, or four words appeared most frequently in the text, regardless of order. The AI then looked at all these combinations, known as N-grams, and clustered them into different overall topics.

The court’s decisions include lengthy sections recapping not only the factual background of the cases but also the original arguments made by the parties in the case. This gave the AI a broad sense of what each text was talking about and gave it the context necessary to predict the outcome of the case, which it did correctly in nearly four out of every five cases.

But that doesn’t mean the researchers are hoping to see AI judges anytime soon.

“We’re not advocating for automating any decisions,” said Preoţiuc-Pietro. “Decisions should still be made by the judges.” Where the AI can make a difference is in helping determine which cases make it to the judges in the first place.


In 2015, the researchers found that nearly 85,000 petitions were submitted to the court, of which just 891 were actually decided upon. All the rest were thrown out as inadmissible, meaning the court couldn’t take them on and the previous decision by a lower court would have to stand. The European Court of Human Rights relies both on individual judges and committees to work through all these cases and figure out which are worth bringing to the actual court’s attention. Last year, that meant the entire court apparatus had to process more than 230 cases every single day, making it a huge challenge just to give each petition the human attention it deserves.

Artificial intelligence, by contrast, could zip through 85,000 petitions and decide which were most likely to be worth the court’s time, based on how similar each petition is to the court’s previous cases. Preoţiuc-Pietro suggested the algorithm could separate the cases into three groups based on the court’s prior history: those the court would likely rule on, those it likely would rule inadmissible, and those in a gray area. Committees could then devote more time to examining the cases already identified as being of uncertain status, rather than having them take valuable time doing all their own categorization.

“These committees are time-limited and beyond that very costly, so they can actually look at just the flagged cases which are more likely to be disputed and analyze them more thoroughly,” said Preoţiuc-Pietro, “while the others they can be sent for just individuals and they don’t need to be scrutinized by more people.”

The goal then wouldn’t be to take the human element out of the law, but instead the complete opposite: The European Court of Human Rights and other bodies like it would have more time to focus on their most difficult cases, while the AI would separate out the cases that would likely just get thrown out anyway.


Henry Sapiecha