Jump to content

Search the Community

Showing results for tags 'Security'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

  1. Read about five most popular and chosen by community as the most secure/trusted VPN Service Providers: Private Internet AccessTorGuardIPVanishDIYCyberGhostThere is a vote as well in order to determine the winner. Source
  2. Loaris Trojan Remover 1.2.9.9 Trojan Remover aids in the removal of Malware - Trojan Horses, Worms, Adware, Spyware - when standard anti-virus software either fails to detect them or fails to effectively eliminate them. Standard antivirus programs are good at detecting this Malware, but not always good at effectively removing it. The majority of Anti-Malware Scanners are well able to detect malicious software - Trojan Horses, Internet Worms, Adware/Spyware etc. - but are not always efficient in removing them once they have been triggered. Trojan Remover is designed specifically to disable/remove Malware without the user having to manually edit system files or the Registry. The program also removes the additional system modifications some Malware carries out which are ignored by some standard antivirus scanners. Trojan Remover scans ALL the files loaded at boot time for Adware, Spyware, Remote Access Trojans, Internet Worms and other malware. Two types are available. The Standard scan quickly scans the system with no need for further configuration of the scan parameters.The Custom scan… allows the user to select any of the folders for scan. Are you bombarded with popup ads, seeing new toolbars in your browser, is your home page changing to unwanted destinations or are you bombarded with irritating spam? Perhaps strange software loads on startup or your favorites have new entries that YOU DONT WANT. If So.. Your PC is most likely infected with adware, spyware, spybot, trojans or another internet parasite. These programs have the ability to track your browsing habits and even steal such personal information as bank account numbers and passwords. Spyware has the power to install more parasites on your computer without your consent. Everything you do and everything you type is being recorded right now! Companies know what your interests are! Hackers will access your PC and do anything they wish. They can even steal your Identity and You would never be the wiser! The Solution: Download the latest version of Loaris Trojan Remover right now. You will be able to completely clean your computer of all these invasive threats! Your computer will be clean and will run alot faster - Your Privacy will be Protected! Additional Tools: Reset Internet Explorer Home/Start/Search Page SettingsSome Malware programs make changes to the Internet Explorer Home, Start and Search Page settings in order to re-direct the web browser to different websites. This Utility will reset the Home/Start/Search pages to standard Defaults. You can then manually reset your Home Page to your website of choice (or leave it "blank", the default). Reset HOSTS fileThe Windows HOSTS file is a text file which stores website addresses. The file can be used to speed up access to websites you visit often - by equating the website name (e.g. microsoft.com) with its DNS address, the web browser can find the website more quickly as it does not have to query a DNS Name Server. Some Malware programs add entries to this file, to either deny access to websites (usually security-related or antivirus company websites), or to re-direct access to websites of their choosing. Reset Windows Update PoliciesSome Malware programs attempt to prevent Windows Update from running, and inhibit access to resetting Windows Update by blanking out the Windows Update options on the Update configuration screen. This Utility will check the current Windows Update settings and correct them where necessary. Software requirements Loaris Trojan Remover supports all 32-bit and 64-bit Windows families including XP, 2003, Vista, Windows 7 and Windows 8 (32-bit/64-bit)1 GB RAM60 MB free hard drive spaceMinimum 800 x 600 screen resulutionWebsite: http://loaris.com/ Language: English Tablet: Crack Size: 56,35 MB
  3. GridinSoft Trojan Killer 2.1.9.6 GridinSoft Trojan Killer - advanced program to clean your computer of all malicious threats! If you - a permanent internet user, you should take steps to protect your personal information against cyber-criminals. Trojan Killer can help you in this matter! The program quickly identify (recognize) and immediately remove dangerous malicious Trojans - spyware and adware, malware blocking and restricting the activities of tools, keyloggers, etc. before irreversible painful events will come in the form of stolen accounts, passwords, credit card numbers, personal, corporate and other information. Trojan Killer is designed specifically to disable / remove Malware without the user having to manually edit system files or reestr.Programma also removes the additional system modifications that are ignored by some standard antivirus scanners. Trojan Killer scans ALL the files loaded at boot time, Adware, Spyware, Remote Access Trojans, Internet Worms and other malware. Trojan Killer works in a security system for providing security in computer systems. The program will help you get rid of annoying adware, malware and other rough tools. It is very important to restore control over your computer, and do not let anyone use your data. Additional tools:Reset Home Internet Explorer / Start / Search Page Settings Some Malware programs make changes to the main page of Internet Explorer, Start and Search Page settings, in order to redirect the web browser to different websites. This utility will reset the Home / Start / Search pages to standard Defaults. You can then manually reset your Home Page to your website of choice (or leave it "blank", the default). Restore the HOSTS fileWindows HOSTS file is a text file which stores website addresses. The file can be used to speed up access to websites you visit often - by equating the website name to its address DNS, web browser can find the website more quickly as it does not have to query a DNS-name Server. Some Malware programs add entries to this file, to either deny access to websites (usually security-related Web sites or antivirus company), or re-direct access to websites of their choosing. Reset Windows Update, politicianSome Malware programs attempt to prevent Windows Update, from running, and inhibit access to resetting Windows Update, by blanking out the Windows Update options on the Configure Update. Website: http://www.gridinsoft.com OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Patch Size: 56,16 Mb.
  4. IObit Malware Fighter Pro 2.2.0.16 IObit Malware Fighter is an advanced malware & spyware removal utility that detects, removes the deepest infections, and protects your PC from various of potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers. With the improved, unique "Dual-Core" engine and the heuristic malware detection, IObit Malware Fighter detects the most complex and deepest spyware and malware in a very fast and efficient way. Here are some key features of "IObit Malware Fighter": One-click Solution and Very Easy to Use: Traditional advantages of IObit products. We love simple and automatic styles.Complete PC Security Care: Anti-malware, anti-spyware, anti-adware, anti-trojan, anti-bots, and more. IObit Malware Fighter can assist your antivirus to defend any tricky and complex threats.Finds the Deepest Infections: Using DOG (Digital Original Gene), a novel heuristic malware detection method, while IObit Malware Fighter can find the most complex threats.Very Fast and Light Thanks to the improved, unique "Dual-Core" anti-malware engine, complicated analysis can be made faster now.Work with All Antivirus Products Everyone needs a qualified antivirus software, and IObit Malware Fighter will surely be the best mate for your current antivirus.Automated Working in the Background Just install it and forget it. This powerful utility works continuously, automatically and quietly in the background on your PC. You can set it as your schedule or just let it work automatically when your PC is idle.Automatic and Frequent Updates By the new-generation malware analysis system and our professional database team, IObit Malware Fighter catches the emerging dangerous malware in the Internet. Website: http://www.iobit.com OS: Windows XP / Vista / 7 / 8 Language: ML Medicine: Keygen / Key Size: 25,39 Mb.
  5. selesn777

    Zemana Antilogger 1.9.3.525

    Zemana Antilogger 1.9.3.525 Zemana Anti-Logger - developed to deal with different kinds of malware threats, protects your banking passwords, private emails & chat conversations from spying proactively without needing a signature-based algorithm and includes powerful, anti-action methods.AntiLogger prevents all known forms of malwares which intend to carry out information theft. As AntiLogger uses a proactive and a unique way to detect potentially harmful applications which have not already been recognized or identified by any anti-virus programs consequently, it protects your 'Information Security' from a range of threats.Modules: Anti-SSL Logger, Anti-WebCam Logger and Anti-ClipBoard Logger are the first security solutions developed in the world. Also, you will realize that these modules have the best features if compared to similar applications.Anti-KeyLogger Module provides a new powerful protection against keyloggers which have not been even caught by known, the most popular security softwares in the world. Here are some key features of "Zemana AntiLogger": Anti-SSL Logger Module that provides protection against SSL LoggerAnti-WebCam Logger that provides protection against WebCam LoggerAnti-Key Logger Module that provides protection against Key LoggerAnti-Screen Logger that provides protection against Screen LoggerAnti-Clipboard Logger that provides protection against ClipBoard LoggerSystem Defence Module that protects your systemKey Features: Website: http://www.zemana.com/ OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Keygen Size: 29,33 Mb.
  6. selesn777

    Zemana Antilogger 1.9.3.524

    Zemana Antilogger 1.9.3.524 Zemana Anti-Logger - developed to deal with different kinds of malware threats, protects your banking passwords, private emails & chat conversations from spying proactively without needing a signature-based algorithm and includes powerful, anti-action methods.AntiLogger prevents all known forms of malwares which intend to carry out information theft. As AntiLogger uses a proactive and a unique way to detect potentially harmful applications which have not already been recognized or identified by any anti-virus programs consequently, it protects your 'Information Security' from a range of threats.Modules: Anti-SSL Logger, Anti-WebCam Logger and Anti-ClipBoard Logger are the first security solutions developed in the world. Also, you will realize that these modules have the best features if compared to similar applications.Anti-KeyLogger Module provides a new powerful protection against keyloggers which have not been even caught by known, the most popular security softwares in the world. Here are some key features of "Zemana AntiLogger": Anti-SSL Logger Module that provides protection against SSL LoggerAnti-WebCam Logger that provides protection against WebCam LoggerAnti-Key Logger Module that provides protection against Key LoggerAnti-Screen Logger that provides protection against Screen LoggerAnti-Clipboard Logger that provides protection against ClipBoard LoggerSystem Defence Module that protects your systemKey Features: Website: http://www.zemana.com/ OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Keygen Size: 29,39 Mb.
  7. NETGATE Spy Emergency 12.0.805.0 ML + Keygen + Patch Spy Emergency - software that quickly and safely detects and removes spyware, adware and other malicious programs from your computer. Are you afraid of hackers or spyware, then install the program and make sure that you are protected from interference in your personal affairs associated with the computer. The program scans the system memory, registry, individual directories and files, cookies in the search for malware and spyware. Utility in real-time analyzes and protects the computer's memory. The program interface is unobtrusive and easy, and the functionality and performance program simply dazzling. There is a multilanguage support, including the Russian language. Features: Scan of your system memoryScan your entire registryScan your hard drive and system-wideBuilt-in anti-spam moduleScanning system foldersTracking and scanning CookiesScan the elements of hackingHeuristic malware detectionCommand line supportPreventive protection, which blocks the installation of malicious softwareBrowser security, including protection of the home (home page)Protecting CookiesAutomatic database updatesSimple and easy setupUser-friendly interfaceSupport for SkinsMulti-language, including Russian languageParticular attention is paid to developers compatible with other antivirus programs, such as: NOD32,Avast,BitDefender,Kaspersky,Avira, McAfee,DrWeb,Ad-Aware,Spybot Search Destroy,Spyware Doctor,Spy Sweeper,CounterSpy.Spy Emergency provides excellent functionality, performance, and high detection rates of malicious software has a simple and intuitive interface. Homepage: http://www.spy-emergency.com OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Keygen / Patch Size: 22,52 Mb.
  8. selesn777

    Zemana Antilogger 1.9.3.506

    Zemana Antilogger 1.9.3.506 ML + Keygen Zemana Anti-Logger - developed to deal with different kinds of malware threats, protects your banking passwords, private emails & chat conversations from spying proactively without needing a signature-based algorithm and includes powerful, anti-action methods.AntiLogger prevents all known forms of malwares which intend to carry out information theft. As AntiLogger uses a proactive and a unique way to detect potentially harmful applications which have not already been recognized or identified by any anti-virus programs consequently, it protects your 'Information Security' from a range of threats.Modules: Anti-SSL Logger, Anti-WebCam Logger and Anti-ClipBoard Logger are the first security solutions developed in the world. Also, you will realize that these modules have the best features if compared to similar applications.Anti-KeyLogger Module provides a new powerful protection against keyloggers which have not been even caught by known, the most popular security softwares in the world. Here are some key features of "Zemana AntiLogger": Anti-SSL Logger Module that provides protection against SSL LoggerAnti-WebCam Logger that provides protection against WebCam LoggerAnti-Key Logger Module that provides protection against Key LoggerAnti-Screen Logger that provides protection against Screen LoggerAnti-Clipboard Logger that provides protection against ClipBoard LoggerSystem Defence Module that protects your systemKey Features: SSL Logger ProtectionPrevents theft of data exchanged via secure connections (HTTPS/SSL) Key Logger ProtectionPrevents all harmful applications from logging your keystrokes(thereby stealing your passwords and account info) Screen Logger ProtectionPrevents harmful applications from capturing your computer screen. WebCam Logger ProtectionPrevents any harmful applications from monitoring your Web Camera. ClipBoard Logger ProtectionPrevents harmful applications from taking snapshots of your clipboard. System DefenseTracks down Windows operating system activity in real-time to prevent detrimental actions from various malware and spyware programs. Website: http://www.zemana.com/ OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Keygen Size: 21,99 Mb.
  9. Password Door v9 There are a lot of fine software installed on your computer, you know them well: MS-Office, WinZip, Windows Media Player, Real Player, AcdSee. Most of them have no password protection, so anyone who shares your workstation can launch one of these applications and use it to browse or modify your data that was created by it. You don't want to have to learn to use new software that have the password protection feature, but you do want the password protection feature for your existing software. Password Door can add password protection to any program on your computer. It will not modify the original programs, so it will never destroy the programs and you will never lose data. Features : Password protects programs on your computer Add passwords to programs on your computer.Users must enter passwords to use protected programs.Protect your privacy by adding passwords to Outlook, Word, WinZip, Media Player, AcdSee..Password Protect Programs You can password protect any of the programs on your computer with Password Door. When a user tries to use a password protected program, it asks for the password first. If the user can not provide the password, the program terminates and the user won't be able to use it. Protect Programs Anywhere Password Door provides strong protection and will always apply the protection to a protected program, the following actions will NOT bypass a protection: Move/Copy the protected program to another folder.Rename the protected program.Install and use second instance of the protected program.Delete & reinstall the protected program.With its unique exe identity technology, Password Door keeps protecting the target programs even those programs have been moved to other location, or renamed. Easy to Use It's easy-to-use and doesn't require special computer knowledge, Password Door has configured everything automatically after you installed it, the only thing you need to do is starting to protect programs. Don't want to protect a program all the time? Password Door supports schedule options, you can protect any program daily, weekly or monthly. Examples: Protect a program every day 8:00 AM - 5:00 PM.Protect a program every Sunday.Any combination for protecting a program daily, weekly or monthly.With schedule options, it is possible to protect a single program in different ways or with different passwords, by using multiple protection items. Password protecting is never the only option. Password Door supports different protection modes. In addition to "Password Protect", there are other protection modes can be used to protect programs. Password Protect - The target program asks for password first before anyone can use it.Deny - The target program is totally blocked, it terminates itself when anyone tries to use it.Allow - Allow the target program. It is for allowing a program under special condition while the program is blocked or password protected all other time, when use multiple protection items .Filter and filter logic. A filter can be specified for any protection item, to protect programs with the file name, class name, or window title. A filter can protect multiple programs in one single protection item. By using different filter logic, you also can deflate the protection range, or exclude special programs. A program can be protected by multiple protection items. With different settings and schedule options, multiple protection items can protect a program in different ways or with different passwords. Consider to control a program like this: allow the program directly every Sunday, and password protect it all other time, but you also want it to be fully blocked 9:00 PM - 8:00 AM every day. The task can be done by using multiple protection items for that single program. Password Door introduces matrix password. A new type of password, matrix password, has been designed for Password Door. The admin password or passwords for protected programs can be matrix passwords instead of the normal passwords. A matrix password is defined by the highlighted buttons and the order the buttons were clicked. Protect Password Door itself. Protection will be pointless if the software can be uninstalled easily, or the settings can be changed freely. Password Door protects itself with the admin password and other features. The admin password protects the main program of Password Door, and the uninstaller. Users will not be able to change the settings or uninstall Password Door without the admin password. It also has built-in features to avoid being removed by 3rd party uninstaller, and ensure that it will always be there to provide maximal protection until you uninstall it with admin password. Even more features: Recheck allowed programs when the system is idle.Recheck allowed programs when the schedule is in disabled hours.Limit use time of a program per day.Enhanced protection mode.Multiple languages.Color scheme, font.... Sceenshots : Main window Protect a Program Protection manager Protection item - Standard Protection item - Advanced Protection item - Schedule Password dialog box Software Info : Version: 9.0.1 Size: 594 KB Home page :http://www.toplang.com/passworddoor.htmDirect Download link :http://www.toplang.com/pdsetup.exe Platforms: Windows 2000, XP, 2003, Vista, 7Note : It should works on Windows 8 too but I haven't tested it yet ! :unsure: Download program + proper crack (by Me! :D ) http://rghost.net/49201029 VirusTotal :0/48 Norton : clean Kaspersky: clean Bitdefender : Gen:Variant.Kazy.116352 (don't worry it's a false positive ;) )
  10. When you browse the Web, changes occur to your computer system. Some of these might be harmful, like the unsolicited installation of malware. When you use Sandboxie to protect your browsing session, it catches all these changes just as the browser is about to apply them into your computer system. Sandboxie does record these changes on behalf of the browser, but it records them in a special isolated folder, called the sandbox. Thus, with Sandboxie, you can browse the Web securely while still keeping all your browser's functionality for active and dynamic content, such as javascript and ActiveX. All undesired side effects can be easily undone. Homepage: http://www.sandboxie.com OS supported :Windows XP SP 3 - Windows 8.1; 32-bit + 64-bit Forum Link for this beta version update: http://www.sandboxie.com/phpbb/viewforum.php?f=41 Download links: 32-bit http://www.sandboxie.com/SandboxieInstall32-407-02.exe 64-bit http://www.sandboxie.com/SandboxieInstall64-407-02.exe Change log will be updated here(in this post) once it is updated on Sandboxie's forum Important note from developer:
  11. Loaris Trojan Remover 1.2.9.8 Eng + Crack Trojan Remover aids in the removal of Malware - Trojan Horses, Worms, Adware, Spyware - when standard anti-virus software either fails to detect them or fails to effectively eliminate them. Standard antivirus programs are good at detecting this Malware, but not always good at effectively removing it. The majority of Anti-Malware Scanners are well able to detect malicious software - Trojan Horses, Internet Worms, Adware/Spyware etc. - but are not always efficient in removing them once they have been triggered. Trojan Remover is designed specifically to disable/remove Malware without the user having to manually edit system files or the Registry. The program also removes the additional system modifications some Malware carries out which are ignored by some standard antivirus scanners. Trojan Remover scans ALL the files loaded at boot time for Adware, Spyware, Remote Access Trojans, Internet Worms and other malware. Two types are available. The Standard scan quickly scans the system with no need for further configuration of the scan parameters.The Custom scan… allows the user to select any of the folders for scan. Are you bombarded with popup ads, seeing new toolbars in your browser, is your home page changing to unwanted destinations or are you bombarded with irritating spam? Perhaps strange software loads on startup or your favorites have new entries that YOU DONT WANT. If So.. Your PC is most likely infected with adware, spyware, spybot, trojans or another internet parasite. These programs have the ability to track your browsing habits and even steal such personal information as bank account numbers and passwords. Spyware has the power to install more parasites on your computer without your consent. Everything you do and everything you type is being recorded right now! Companies know what your interests are! Hackers will access your PC and do anything they wish. They can even steal your Identity and You would never be the wiser! The Solution: Download the latest version of Loaris Trojan Remover right now. You will be able to completely clean your computer of all these invasive threats! Your computer will be clean and will run alot faster - Your Privacy will be Protected! Additional Tools: Reset Internet Explorer Home/Start/Search Page SettingsSome Malware programs make changes to the Internet Explorer Home, Start and Search Page settings in order to re-direct the web browser to different websites. This Utility will reset the Home/Start/Search pages to standard Defaults. You can then manually reset your Home Page to your website of choice (or leave it "blank", the default). Reset HOSTS fileThe Windows HOSTS file is a text file which stores website addresses. The file can be used to speed up access to websites you visit often - by equating the website name (e.g. microsoft.com) with its DNS address, the web browser can find the website more quickly as it does not have to query a DNS Name Server. Some Malware programs add entries to this file, to either deny access to websites (usually security-related or antivirus company websites), or to re-direct access to websites of their choosing. Reset Windows Update PoliciesSome Malware programs attempt to prevent Windows Update from running, and inhibit access to resetting Windows Update by blanking out the Windows Update options on the Update configuration screen. This Utility will check the current Windows Update settings and correct them where necessary. Software requirements Loaris Trojan Remover supports all 32-bit and 64-bit Windows families including XP, 2003, Vista, Windows 7 and Windows 8 (32-bit/64-bit)1 GB RAM60 MB free hard drive spaceMinimum 800 x 600 screen resulutionWebsite: http://loaris.com/ Year: 2013 Language: English Tablet: Crack Size: 56,81 MB
  12. GridinSoft Trojan Killer 2.1.9.5 Ml + Patch GridinSoft Trojan Killer - advanced program to clean your computer of all malicious threats! If you - a permanent internet user, you should take steps to protect your personal information against cyber-criminals. Trojan Killer can help you in this matter! The program quickly identify (recognize) and immediately remove dangerous malicious Trojans - spyware and adware, malware blocking and restricting the activities of tools, keyloggers, etc. before irreversible painful events will come in the form of stolen accounts, passwords, credit card numbers, personal, corporate and other information. Trojan Killer is designed specifically to disable / remove Malware without the user having to manually edit system files or reestr.Programma also removes the additional system modifications that are ignored by some standard antivirus scanners. Trojan Killer scans ALL the files loaded at boot time, Adware, Spyware, Remote Access Trojans, Internet Worms and other malware. Trojan Killer works in a security system for providing security in computer systems. The program will help you get rid of annoying adware, malware and other rough tools. It is very important to restore control over your computer, and do not let anyone use your data. Additional tools:Reset Home Internet Explorer / Start / Search Page Settings Some Malware programs make changes to the main page of Internet Explorer, Start and Search Page settings, in order to redirect the web browser to different websites. This utility will reset the Home / Start / Search pages to standard Defaults. You can then manually reset your Home Page to your website of choice (or leave it "blank", the default). Restore the HOSTS fileWindows HOSTS file is a text file which stores website addresses. The file can be used to speed up access to websites you visit often - by equating the website name to its address DNS, web browser can find the website more quickly as it does not have to query a DNS-name Server. Some Malware programs add entries to this file, to either deny access to websites (usually security-related Web sites or antivirus company), or re-direct access to websites of their choosing. Reset Windows Update, politicianSome Malware programs attempt to prevent Windows Update, from running, and inhibit access to resetting Windows Update, by blanking out the Windows Update options on the Configure Update. Website: http://www.gridinsoft.com OS: Windows XP / Vista / 7 / 8 Language: Ml Medicine: Patch Size: 54,84 Mb.
  13. With the advent of mobile payments and more and more users storing sensitive information on their smartphones, security is becoming a greater concern. That is why the following story is so harrowing: a man’s son was able to reset his Android phone’s password, and all he needed was access to his phone. The following exploit doesn’t require any knowledge of a user’s Google account; all you would need is access to the person’s phone. A Reddit user recounts the process in detail: “I just discovered what seems to me a massive security loophole. Please someone tell me if the following makes any sense. My son was playing on my phone (Galaxy S3). He tried to purchase in app items on Subway Surfer but didn’t know the password. So, he followed the following steps to reset my password from my phone without having to enter any information about the account: Starting from the screen after you click “buy,” 1. Click the question mark next to the password box when asked to confirm password for a purchase.2. Click “forgot password.”3. Click “I don’t know.”4. Leave the selection on the page at “Confirm password reset on my Android Samsung SCH-I535 phone.”5. Click “Yes”6. Click “Allow Password Reset.7. Enter and confirm new Password. And that allowed someone with absolutely no knowledge about my Google account, and access only to my phone, to reset a new password for my entire Google account.”– karcirate (reddit)This exploit has been around for quite some time, however, now that users realize how easy it is, maybe Google should work on beefing up this loophole. What can you do to protect against this? Well, someone would need access to your phone in order to make purchases on it, or rest your password and gain access to your account. Putting a lock-code is probably your best bet against strangers. Hopefully the friends you’d allow access to your phone can be trusted enough to not rack up your cell phone bill or mess with your Google account. Source
  14. Passwords keep getting more annoying but thankfully there are lots of different apps to help you securely manage them without writing them all down on a slip of paper that you store somewhere deep in a desk drawer. One of the best password management apps is 1Password, which lets you store all your passwords on one application and activate them simply through typing in one master password. Basically, then, your one 1Password password serves as the only password you’ll ever need to remember once you store all your other passwords on the app. Unfortunately for Android users, the full version 1Password has only been available for iOS, Windows and Mac users… but that’s about to change. El Android Libre notes that AgileBits is about to release a fresh beta for 1Password for Android, which suggests that a final version of the app can’t be too far off. Although Android users can have been able to use the 1Password Reader from AgileBits, that app is mostly an extension of the desktop app and doesn’t come close to offering all the features that the iOS version of the app offers. We don’t know for sure when the full version of 1Password will make its way to Google Play but we can bet that it will be a hot seller once it arrives. Some of El Android Libre’s screenshots for 1Password for Android follow below. Source
  15. Windows 8.1 also adds more Trusted Platform Module support, and the company says its goal is to have all Windows devices require TPM 2.0 by January 2015 so that companies that let employees bring their own PCs to work can be confident they can work with their own corporate security set-up. Windows 8.1 can also be enabled to set up device encryption if the PC supports InstantGo. In addition, it adds Remote Data Removal, which will allow an IT administrator to remotely wipe a PC of all corporate data on an employee's personal PC, while keeping the employee's personal data intact. Microsoft will be launching a new version of its Windows Defender software with Windows 8.1. It states: Finally, Internet Explorer 11 in Windows 8.1 has security improvements on its own, including a new API that Microsoft says will let an anti-malware program "to make a security determination before a binary extension is loaded." Source: neowin | Image via Microsoft
  16. January 11th, 2014, 21:30 GMT · By Silviu Stahie The UK government now says that Ubuntu 12.04 is the safest operating system available, way ahead of Windows 8 and Mac OS X. The Communications-Electronics Security Group (CESG) is the UK National Technical Authority for information assurance and they’ve done a series of tests to find out what is the most secure operating system available for the governmental apparatus. The security assessment made by CESG included the following categories: VPN, Disk Encryption, Authentication, Secure Boot, Platform Integrity and Application Sandboxing, Application Whitelisting, Malicious Code Detection and Prevention, Security Policy Enforcement, External Interface Protection, Device Update Policy, Event Collection for Enterprise Analysis, and Incident Response. Ubuntu 12.04 (Precise Pangolin) has been the operating system that passed most of the test, way ahead of Windows 8 or Mac OS X. “All in all Ubuntu 12.04 LTS stacks up as the most secure of the current desktop and mobile operating systems. Supported by Canonical with free security updates for 5 years, and without malware problems, it’s hard to beat in official public sector applications. “ “We are working hard to close the gap and make Ubuntu clearly stand out as the most trustworthy operating system for the future and we hope to make excellent progress before our next LTS release in April 2014, 14.04 LTS, which will be even better," said Darryl Weaver, Canonical Sale Engineer http://news.softpedia.com/news/Ubuntu-12-04-Is-More-Secure-Than-Windows-8-and-Mac-OS-X-Says-UK-Goverment-416016.shtml Also See: The GESG Security Assessment: http://insights.ubuntu.com/resources/article/ubuntu-scores-highest-in-uk-gov-security-assessment Report PDF http://insights.ubuntu.com/wp-content/uploads/UK-Gov-Report-Summary.pdf GESG End User Devices Security Guidance: Ubuntu 12.04 https://www.gov.uk/government/publications/end-user-devices-security-guidance-ubuntu-1204/end-user-devices-security-guidance-ubuntu-1204
  17. At 10 AM Pacific time on Thursday, Microsoft will release an update to address the zero day vulnerability recently disclosed in all versions of Internet Explorer. The advance notification of the update lists Windows XP as among the affected platforms, indicating that it will be among the platforms patched, in spite of its support period ending weeks ago. Adrienne Hall, General Manager, Microsoft Trustworthy Computing stated "[T]he security of our products is something we take incredibly seriously. When we saw the first reports about this vulnerability we decided to fix it, fix it fast, and fix it for all our customers." Users with Automatic Updates enabled do not have to do anything, although running Windows Update will apply the fix immediately. In a blog entry, Hall explains Microsoft's approach, which mostly is to urge users to move on from Windows XP. The company decided to move quickly when they were made aware of this vulnerability and to patch Windows XP because of the proximity to its end of support period. Further information on the update may be found at KB2964358. Among the advice there, IE will crash if you install the update on a Windows 7 system whch does not have KB2929437 installed. If you use Windows Update these determinations and appropriate installations will be made automatically. Otherwise, follow the instructions in KB2964358. Source
  18. Google has decided to do more in the area of Internet security. To help combat this ever increasing problem, they're offering up Project Zero. Essentially, Google will begin hiring "the best practically-minded security researchers and contributing 100% of their time toward improving security across the Internet." Their work will not be limited to just Google products, but will instead be focused on "any software depended upon by large numbers of people." The idea is that researchers will find the threats, then inform only the software developer. Once the OEM has a patch ready, a public bug report will be filed in an external database accessible to anyone. The database will include information on the issue as well as time-to-fix data, discussion about exploitability, etc. The implications of this are huge considering how much money and resources Google has at is disposal. With a major player such as this throwing its hat in the ring, this really can be nothing but a positive to everyone who uses the Internet and has put sensitive information thereon. These days, that's pretty much all of us. Source
  19. http://www.softether.org/ What is SoftEther VPN SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD and Solaris. SoftEther VPN is open source. You can use SoftEther for any personal or commercial use for free charge. SoftEther VPN is an optimum alternative to OpenVPN andMicrosoft's VPN servers. SoftEther VPN has a clone-function of OpenVPN Server. You can integrate from OpenVPN to SoftEther VPN smoothly. SoftEther VPN is faster than OpenVPN. SoftEther VPN also supports Microsoft SSTP VPN for Windows Vista / 7 / 8. No more need to pay expensive charges for Windows Server license for Remote-Access VPN function. SoftEther VPN can be used to realize BYOD (Bring your own device) on your business. If you have smartphones, tablets or laptop PCs, SoftEther VPN's L2TP/IPsec server function will help you to establish a remote-access VPN from your local network. SoftEther VPN's L2TP VPN Server has strong compatible with Windows, Mac, iOS and Android. SoftEther VPN is not only an alternative VPN server to existing VPN products (OpenVPN, IPsec and MS-SSTP). SoftEther VPN has also original strong SSL-VPN protocol to penetrate any kinds of firewalls. Ultra-optimized SSL-VPN Protocol of SoftEther VPN has very fast throughput, low latency and firewall resistance. SoftEther VPN has strong resistance against firewalls than ever.Built-in NAT-traversal penetrates your network admin's troublesome firewall for overprotection. You can setup your own VPN server behind the firewall or NAT in your company, and you can reach to that VPN server in the corporate private network from your home or mobile place, without any modification of firewall settings. Any deep-packet inspection firewalls cannot detect SoftEther VPN's transport packets as a VPN tunnel, because SoftEther VPN uses Ethernet over HTTPS for camouflage. Easy to imagine, design and implement your VPN topology with SoftEther VPN. It virtualizes Ethernet by software-enumeration. SoftEther VPN Client implementsVirtual Network Adapter, and SoftEther VPN Server implements Virtual Ethernet Switch. You can easily build both Remote-Access VPN and Site-to-Site VPN, as expansion of Ethernet-based L2 VPN. Of course, traditional IP-routing L3 based VPN can be built by SoftEther VPN.
  20. By Zach Epstein on Jan 20, 2014 at 11:26 AM The rabbit hole that is the Internet goes much deeper than most people know. In fact, the World Wide Web as we know it represents just 4% of networked web pages the remaining 96% of pages make up what many refer to as the Invisible Internet, Invisible Web or Deep Web. This massive subsection of the Internet is 500 times bigger than the visible Web and is not indexed by search engines like Google. Finding sites on this invisible network of webpages isnt easy as a result, so its often home to nefarious services like Silk Road. Theres plenty more to the Deep Web than that, however, and an infographic posted recently by WhoIsHostingThis the same group that recently taught us how to disappear online does a good job of detailing the basics, including how to access this mysterious network of hidden sites with a special Web browser like Tor. The full infographic follows below. http://bgr.com/2014/01/20/how-to-access-tor-silk-road-deep-web
  21. By Manish Singh on February 11, 2014 - 07:18PM Internet, much like the real world, has bad people too. And while the digital security of the entire planet seems to be a train-wreck, things are even worse in India. According to Microsoft’s third annual Computing Safety Index (MCSI)​ report, 20% Indians are the victims of online phishing attacks. The victims in this case lose around Rs. 7500 ($120 USD) on average. “About 12 per cent Indian respondents said they suffered identity theft at an average cost them Rs 7,500," the MSCI states. Whereas the annual worldwide impact of phishing and identity theft is around $5 billion, while fixing peoples’ online reputation could go as high as $6 million. “The annual worldwide impact of phishing and other various forms of identity theft could be as high as $5 billion, with the cost of repairing the damage to peoples' online reputation being higher yet at nearly $6 billion or an estimated average of $632 (Rs 39,000) per loss," the MSCI mentioned. The survey which was released today on Safer Internet Day, used the data gathered from testing around 10,500 users from across 20 nations. According to the report, only 34% of them care to prevent strangers from seeing their updates on social media. Whereas, 38% of people actually tweak some settings to set control over who sees what. Furthermore, only 35% of the users employed a PIN protection to keep their devices secure. "Internet users can prevent intrusions and thefts by using a unique four-digit PIN for mobile devices and strong passwords for online accounts," Microsoft India National Technology Officer Prakash Kumar said. It is high time we became aware of online attacks and started using simple preventive measures which can save us a whole lot of trouble. “The Internet touches our lives every day, whether we are communicating with loved ones, for work, shopping, and paying bills. But how cautious are we about monitoring our online presence, and taking note of our own vulnerabilities? There are many things you can do to stay safer online," Kumar added. http://www.winbeta.org/news/phishing-attacks-20-percent-indians-are-victims-says-microsoft
  22. By Dan Goodin - Feb 11 2014, 8:33am AEST Attackers used phishing and zero-days to infect Windows, Mac, and Linux users. Mask victims by IP address. Calling it the most sophisticated malware-driven espionage campaign ever discovered, researchers said they have uncovered an attack dating back to at least 2007 that infected computers running the Windows, OS X, and Linux operating systems of 380 victims in 31 countries. The "Mask" campaign, which gets its name from a string of text found in one of the malware samples, includes a variety of components used to siphon encryption keys, key strokes, Skype conversations, and other types of sensitive data off infected computers. There is also evidence that the Spanish-speaking attackers had malware that ran on devices running both Apple's iOS and Google's Android mobile operating systems. Victims include government agencies, embassies, research institutions, private equity firms, activists, energy companies, and companies in other industries. The sophistication of Mask makes it likely that the campaign is the work of attackers sponsored by a well-resourced nation-state, said researchers from Kaspersky Lab, the Moscow-based security company that discovered it. Mask—or "Careto" as its Spanish slang translation appears in source code analyzed by Kaspersky—joins a pantheon of other state-sponsored malware campaigns with names including Stuxnet, Flame, Duqu, Red October, Icefog, and Gauss. Unlike more opportunistic crimeware campaigns that generate revenue by targeting anyone with an Internet-connected computer, these "advanced persistent threats" (APTs) are much more determined. They're tailored threats that are aimed as specific people or organizations who possess unique data or capabilities with strategic national or business value. "With Careto, we describe yet another sophisticated cyberespionage operation that has been going on undiscovered for more than five years," Kaspersky Lab researchers wrote in a detailed analysis published Monday. "In terms of sophisticated, we put Careto above Duqu, Gauss, RedOctober, or Icefog, making it one of the most complex APTs we observed." The attackers relied on highly targeted spear phishing e-mails to lure targeted individuals to malicious websites. In some cases, attackers impersonated well-known websites, such as those operated by The Guardian and The Washington Post. One of the exploits recently used by the attackers targeted CVE-2012-0773, a highly critical vulnerability in Adobe's Flash Player that made it possible to bypass the sandbox security protection Google Chrome and other browsers rely on to prevent websites from executing malicious code on end-user computers. "What makes 'The Mask' special is the complexity of the toolset used by the attackers," the Kaspersky analysis stated. "This includes an extremely sophisticated malware, a rootkit, a bootkit, 32- and 64-bit Windows versions, Mac OS X and Linux versions, and possibly versions of Android and iPad/iPhone (Apple iOS)." Kaspersky researchers first stumbled onto Mask after noticing that it exploited a vulnerability in older versions of Kaspersky antivirus products to hide itself. The vulnerability has been patched for an unspecified amount of time, but attackers were exploiting the vulnerability on machines that continued to run older versions of the Kaspersky software. Like Stuxnet and many other pieces of malware used in the last five years, Mask code was digitally signed, in this case with a valid certificate issued to a fake company called TecSystem Ltd. Such digital credentials are designed to bypass warnings delivered by Windows and other operating systems before executing programs that haven't been vouched for by credentials issued by a recognized certificate authority. The malware uses encrypted HTTP or HTTPS channels when communicating with command and control servers. Researchers were able to take control of some of the domain names or IP addresses hosting the control servers that Mask-infected computers reported to. In all, the researchers observed 1,000 separate IP addresses in 31 countries connect. They also found traces of 380 different victim identifiers designated by the Mask naming convention. The Mask campaign was abruptly shut down last week within hours of being revealed in a short blog post. "For Careto, we observed a very high degree of professionalism in the operational procedures of the group behind this attack, including monitoring of their infrastructure, shutdown of the operation, avoiding curious eyes through access rules, using wiping instead of deletion for log files and so on," the Kaspersky analysis noted. "This is not very common in APT operations, putting the Mask into the 'elite' APT groups section." Post updated to add "slang" to the third paragraph. http://arstechnica.com/security/2014/02/meet-mask-posssibly-the-most-sophisticated-malware-campaign-ever-seen
  23. By Stephanie Mlot February 14, 2014 08:00am EST Fifty-four percent of U.S. adults send or receive intimate content, according to McAfee. It's fine to document your steamy Valentine's Day with your new fling, but think twice if you're planning to snap a few risqué photos or record a video. According to McAfee's 2014 Love, Relationships, and Technology survey, 54 percent of U.S. adults send or receive intimate content. Which is OK, except for those 46 percent of respondents who also share their passwords with another individual—basically handing someone the key to their private vault. "With all the stories we've heard about intimate photos being leaked, it's hard to believe people are still sharing their passwords," Gary Davis, vice president of McAfee consumer business, said in a statement. "Ultimately, they're increasing the risks of these photos becoming public and possibly jeopardizing their identity and reputation." To Davis's point, the study reported a whopping 70 percent of 18-24 year olds receiving sexually suggestive content—the largest percentage of all age groups. And as nearly half of respondents admit to storing intimate content they receive, there's no telling where those racy photos you sent as a cheeky birthday gift could end up. Especially in the case of the 96 percent of American adults who trust their significant other with private information like passwords. According to McAfee's results, a quarter of respondents have taken their partner's mobile device to check on other content, like messages and photos. Perhaps they are just looking for holiday gift suggestions or a mutual friend's phone number. No matter, the security firm suggests you don't share passwords or mobile codes with others, in an effort to secure personal data. Also avoid using weak, easily identifiable passwords like birthdays, numbers in a row, or repeating numbers. And, like 73 percent of people surveyed, remember to change your password after a breakup, just in case the other party is even a little bit vindictive. People are distributing more than sexual texts, though: 47 percent share email accounts, and 43 percent give away bank details like Valentine's Day Sweetheart candies. For more details on how people share personal information in romantic relationships, check out McAfee's full infographic below. http://www.pcmag.com/article2/0,2817,2453376,00.asp
  24. By DAVID E. SANGER and THOM SHANKERJAN. 14, 2014 The headquarters of the National Security Agency at Fort Meade, Md. We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies, an N.S.A. official said. Jim Lo Scalzo/European Pressphoto Agency WASHINGTON The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks. While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials. The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target. President Obama spoke to reporters before a cabinet meeting at the White House on Tuesday morning. Mr. Obamas speech on spying guidelines is scheduled for Friday. The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user. The N.S.A. calls its efforts more an act of active defense against foreign cyberattacks than a tool to go on the offensive. But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level. Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property. But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls computer network exploitation. Whats new here is the scale and the sophistication of the intelligence agencys ability to get into computers and networks to which no one has ever had access before, said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington. Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window its never had before. No Domestic Use Seen There is no evidence that the N.S.A. has implanted its software or used its radio frequency technology inside the United States. While refusing to comment on the scope of the Quantum program, the N.S.A. said its actions were not comparable to Chinas. N.S.A.s activities are focused and specifically deployed against and only against valid foreign intelligence targets in response to intelligence requirements, Vanee Vines, an agency spokeswoman, said in a statement. We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of or give intelligence we collect to U.S. companies to enhance their international competitiveness or increase their bottom line. Over the past two months, parts of the program have been disclosed in documents from the trove leaked by Edward J. Snowden, the former N.S.A. contractor. A Dutch newspaper published the map of areas where the United States has inserted spy software, sometimes in cooperation with local authorities, often covertly. Der Spiegel, a German newsmagazine, published the N.S.A.s catalog of hardware products that can secretly transmit and receive digital signals from computers, a program called ANT. The New York Times withheld some of those details, at the request of American intelligence officials, when it reported, in the summer of 2012, on American cyberattacks on Iran. President Obama is scheduled to announce on Friday what recommendations he is accepting from an advisory panel on changing N.S.A. practices. The panel agreed with Silicon Valley executives that some of the techniques developed by the agency to find flaws in computer systems undermine global confidence in a range of American-made information products like laptop computers and cloud services. Embracing Silicon Valleys critique of the N.S.A., the panel has recommended banning, except in extreme cases, the N.S.A. practice of exploiting flaws in common software to aid in American surveillance and cyberattacks. It also called for an end to government efforts to weaken publicly available encryption systems, and said the government should never develop secret ways into computer systems to exploit them, which sometimes include software implants. Richard A. Clarke, an official in the Clinton and Bush administrations who served as one of the five members of the advisory panel, explained the groups reasoning in an email last week, saying that it is more important that we defend ourselves than that we attack others. Holes in encryption software would be more of a risk to us than a benefit, he said, adding: If we can find the vulnerability, so can others. Its more important that we protect our power grid than that we get into Chinas. From the earliest days of the Internet, the N.S.A. had little trouble monitoring traffic because a vast majority of messages and searches were moved through servers on American soil. As the Internet expanded, so did the N.S.A.s efforts to understand its geography. A program named Treasure Map tried to identify nearly every node and corner of the web, so that any computer or mobile device that touched it could be located. A 2008 map, part of the Snowden trove, notes 20 programs to gain access to big fiber-optic cables it calls them covert, clandestine or cooperative large accesses not only in the United States but also in places like Hong Kong, Indonesia and the Middle East. The same map indicates that the United States had already conducted more than 50,000 worldwide implants, and a more recent budget document said that by the end of last year that figure would rise to about 85,000. A senior official, who spoke on the condition of anonymity, said the actual figure was most likely closer to 100,000. That map suggests how the United States was able to speed ahead with implanting malicious software on the computers around the world that it most wanted to monitor or disable before they could be used to launch a cyberattack. A Focus on Defense In interviews, officials and experts said that a vast majority of such implants are intended only for surveillance and serve as an early warning system for cyberattacks directed at the United States. How do you ensure that Cyber Command people are able to look at those that are attacking us? a senior official, who compared it to submarine warfare, asked in an interview several months ago. That is what the submarines do all the time, said the official, speaking on the condition of anonymity to describe policy. They track the adversary submarines. In cyberspace, he said, the United States tries to silently track the adversaries while theyre trying to silently track you. If tracking subs was a Cold War cat-and-mouse game with the Soviets, tracking malware is a pursuit played most aggressively with the Chinese. The United States has targeted Unit 61398, the Shanghai-based Chinese Army unit believed to be responsible for many of the biggest cyberattacks on the United States, in an effort to see attacks being prepared. With Australias help, one N.S.A. document suggests, the United States has also focused on another specific Chinese Army unit. Documents obtained by Mr. Snowden indicate that the United States has set up two data centers in China perhaps through front companies from which it can insert malware into computers. When the Chinese place surveillance software on American computer systems and they have, on systems like those at the Pentagon and at The Times the United States usually regards it as a potentially hostile act, a possible prelude to an attack. Mr. Obama laid out Americas complaints about those practices to President Xi Jinping of China in a long session at a summit meeting in California last June. At that session, Mr. Obama tried to differentiate between conducting surveillance for national security which the United States argues is legitimate and conducting it to steal intellectual property. The argument is not working, said Peter W. Singer of the Brookings Institution, a co-author of a new book called Cybersecurity and Cyberwar. To the Chinese, gaining economic advantage is part of national security. And the Snowden revelations have taken a lot of the pressure off the Chinese. Still, the United States has banned the sale of computer servers from a major Chinese manufacturer, Huawei, for fear that they could contain technology to penetrate American networks. An Old Technology The N.S.A.s efforts to reach computers unconnected to a network have relied on a century-old technology updated for modern times: radio transmissions. In a catalog produced by the agency that was part of the Snowden documents released in Europe, there are page after page of devices using technology that would have brought a smile to Q, James Bonds technology supplier. One, called Cottonmouth I, looks like a normal USB plug but has a tiny transceiver buried in it. According to the catalog, it transmits information swept from the computer through a covert channel that allows data infiltration and exfiltration. Another variant of the technology involves tiny circuit boards that can be inserted in a laptop computer either in the field or when they are shipped from manufacturers so that the computer is broadcasting to the N.S.A. even while the computers user enjoys the false confidence that being walled off from the Internet constitutes real protection. The relay station it communicates with, called Nightstand, fits in an oversize briefcase, and the system can attack a computer from as far away as eight miles under ideal environmental conditions. It can also insert packets of data in milliseconds, meaning that a false message or piece of programming can outrace a real one to a target computer. Similar stations create a link between the target computers and the N.S.A., even if the machines are isolated from the Internet. Computers are not the only targets. Dropoutjeep attacks iPhones. Other hardware and software are designed to infect large network servers, including those made by the Chinese. Most of those code names and products are now at least five years old, and they have been updated, some experts say, to make the United States less dependent on physically getting hardware into adversaries computer systems. The N.S.A. refused to talk about the documents that contained these descriptions, even after they were published in Europe. Continuous and selective publication of specific techniques and tools used by N.S.A. to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies, Ms. Vines, the N.S.A. spokeswoman, said. But the Iranians and others discovered some of those techniques years ago. The hardware in the N.S.A.s catalog was crucial in the cyberattacks on Irans nuclear facilities, code-named Olympic Games, that began around 2008 and proceeded through the summer of 2010, when a technical error revealed the attack software, later called Stuxnet. That was the first major test of the technology. One feature of the Stuxnet attack was that the technology the United States slipped into Irans nuclear enrichment plant at Natanz was able to map how it operated, then phone home the details. Later, that equipment was used to insert malware that blew up nearly 1,000 centrifuges, and temporarily set back Irans program. But the Stuxnet strike does not appear to be the last time the technology was used in Iran. In 2012, a unit of the Islamic Revolutionary Guards Corps moved a rock near the countrys underground Fordo nuclear enrichment plant. The rock exploded and spewed broken circuit boards that the Iranian news media described as the remains of a device capable of intercepting data from computers at the plant. The origins of that device have never been determined. On Sunday, according to the semiofficial Fars news agency, Irans Oil Ministry issued another warning about possible cyberattacks, describing a series of defenses it was erecting and making no mention of what are suspected of being its own attacks on Saudi Arabias largest oil producer. http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html?partner=rss&emc=rss&smid=tw-nytimesworld
  25. Thirty-four nuclear missile launch officers have been implicated in a cheating scandal and have been stripped of their certification, and three others have been implicated in a drug probe, in what the Air Force believes is the largest such breach of integrity in the nuclear force, Air Force Secretary Deborah Lee James said Wednesday. The officers apparently texted to each other the answers to a monthly test on their knowledge of how to operate the missiles. The number includes who did the cheating as well as those who may have known about it but did not report it. The cheating, which was discovered during a drug investigation that included two of the 34 officers, is the latest controversy involving the service members who maintain and operate the nation's 450 nuclear missiles. In all, the drug scandal encompassed 11 Air Force officers across six bases in the U.S. and England. Of the three missile launch officers involved in the drug scandal, two were at Malmstrom Air Force Base in Montana and one was at F.E. Warren Air Force Base, Wyo. The two at Malmstrom were among those implicated in the cheating scandal. James told a Pentagon news conference that 600 missile crew members across the Air Force were retaking the test, including nearly 200 at Malmstrom. She said that the missile force needs attention and that while immediate corrective action is being taken, Air Force leaders are planning to address some longer-term initiatives. The Air Force said the alleged cheating took place late last summer. "Earlier today, Secretary of the Air Force Deborah Lee James briefed Secretary of Defense Chuck Hagel on allegations that several dozen ICBM officers cheated on their proficiency tests," Pentagon press secretary Rear Admiral John Kirby said in a statement. "Secretary Hagel was deeply troubled to learn of these allegations, and he strongly supports the aggressive steps the Air Force is taking in response to them." Last week the Pentagon disclosed the original drug probe of a total of 10 officers — nine lieutenants and one captain — at six bases. It provided few other details beyond saying the officers were suspected of possessing "recreational drugs." That has now expanded to 11 officers. The matter is being probed by the Air Force Office of Special Investigations. The Associated Press has reported that the Air Force's nuclear arm has been weighed down by a series of problems involving security lapses and morale-related issues, leading one officer to complain of "rot" in the force. The original disclosure of a drug investigation said the officers alleged to be involved were at Edwards Air Force Base, Calif.; Schriever Air Force Base, Colo.; Royal Air Force base Lakenheath in England; Vandenberg Air Force Base, Calif., and two bases that operate intercontinental ballistic missiles — F.E. Warren and Malmstrom. First word of the investigation came last Thursday moments before Defense Secretary Chuck Hagel appeared at F.E. Warren to deliver a pep talk to members of the 90th Missile Wing, which operates 150 ICBMs. Hagel did not mention the drug probe but praised the missile force for its dedication and professionalism. Source
×
×
  • Create New...