Myth of Firewall

Azerbaijan: Blowing Up in Their Facebook. This article by Global Voices’ Caucasus editor was originally published on 9 March 2011 by Transitions Online and is used by permission. When Adnan Hajizade and Emin Milli, two video-blogging youth activists in Azerbaijan, were detained on 8 July 2009 on what many believe were trumped-up charges, supporters and friends naturally used Facebook to campaign for their release. However, spreading networks wide in order to disseminate information and updates, there were obviously risks involved. Reports of the security services monitoring Facebook were coming out of neighboring Iran, and there was no reason to think it couldn’t happen in Azerbaijan. For the two young men’s supporters, however, that didn't matter. What was arguably more important was that Facebook was crucial in the campaign to free them. In Azerbaijan that is certainly proving to be the case.

As well he might have been. Meanwhile, the campaign against Facebook and Twitter has even made it into the broadcast media. HBGary Federal Document on Manipulating Social Media. The HBGary Federal breach conducted by the rogue movement Anonymous, and the subsequent release of tens of thousands of company emails, revealed multiple instances of ethically questionable proposals for covert operations.

HBGary Federal, Palantir Technologies and Berico Technologies were involved in developing WikiLeaks counter-operations strategies for Bank of America and proposed disinformation campaigns, cyber attacks against network systems, and strong-arming journalists. Other information released in the breach shows the companies were engaged in developing strategies to infiltrate other civil activist groups, and plans to use social media for distributing government propaganda.

There was also evidence that HBGary Federal was involved in developing an undetectable, full command and control cyber offensive weapon called Magenta. Excerpts from the document speak for themselves: WiFi Interception System - Sun, 22 Nov 2009 17:25:26 +0000. RE: [Themis] Revisions to Palantir/Berico TA and proposals - Thu, 18 Nov 2010 14:18:57 -0800. Democrats call for an investigation of law firm, 3 tech companies. A group of House Democrats is calling on Republican leaders to investigate a prominent Washington law firm and three federal technology contractors, who have been shown in hacked e-mails discussing a "disinformation campaign" against foes of the U.S. Chamber of Commerce. In a letter to be released Tuesday, Rep. Hank Johnson (D-Ga.) and more than a dozen other lawmakers wrote that the e-mails appear "to reveal a conspiracy to use subversive techniques to target Chamber critics," including "possible illegal actions against citizens engaged in free speech."

The lawmakers say it is "deeply troubling" that "tactics developed for use against terrorists may have been unleashed against American citizens." The call for a congressional probe marks the latest development in the controversy over tens of thousands of e-mails stolen from HBGary Federal, whose computer system was attacked in early February by members of a loose collective of unidentified hackers known as Anonymous.

Help Anonymous stop Palantir. Do it now. Overview The following emails clearly establish Matthew Steckman's (Forward Deployed Engineer at Palantir) involvement in the creation of the leaked presentation/proposal entitled, "The Wikileaks Threat," including content allegedly considered unethical by the Internet security firm, Palantir, and possibly illegal under U.S. law. According to emails sent and received by Steckman, Matthew Steckman: Was the first to correspond with Bank of America's legal representation, Hunton & Williams regarding Wikileaks, a publisher allegedly holding leaked documents from Bank of America; Was aware that Hunton & Williams had been recommended to Bank of America by the U.S. Listed emails also detail correspondence between employees of the firms HBGary and Palantir (including Aaron Barr and Matthew Steckman) among others, concerning the internet movement called Anonymous, its alleged connections to Wikileaks, and Aaron Barr's research on Anonymous, including its alleged connections to Wikileaks.

B. 67. Morgan Stanley hit by China-based hackers: report. NEW YORK (Reuters) - Morgan Stanley experienced a "very sensitive" break-in to its network by the same China-based hackers who attacked Google Inc's computers more than a year ago, Bloomberg reported, citing leaked emails from an Internet security company. The emails from the Sacramento, California-based computer security firm HBGary Inc said that Morgan Stanley -- the first financial institution identified in the series of attacks -- considered details of the intrusion a closely guarded secret, the report said. Bloomberg quoted Phil Wallisch, a senior security engineer at HBGary, as saying that he read an internal Morgan Stanley report detailing the so-called Aurora attacks.

The HBGary emails don't indicate what information may have been stolen from Morgan Stanley's databanks or which of the world's largest merger adviser's multinational operations were targeted, according to the report. Representatives for HBGary were not immediately available for comment. HBGary Emails. Cryptome. Who is Anonymous' Commander X? Not this guy.

February 16, 2011, 9:39 AM — Benjamin Spock de Vries would like the world to know he is not a cyber terrorist. But if you read some of the 40,000+ emails that were stolen from HBGary Federal by Anonymous and posted on Pirate Bay, you might think otherwise. It seems Aaron Barr -- the CEO of HBGary Federal who thought he’d make a big splash by outing the leadership of Anonymous and instead ended up getting ridden hard and put away wet by the very hackers he sought to expose -- decided de Vries is in fact the mysterious Commander X, alleged puppetmaster of the Anonymous collective.

So he said as much in some of the thousands of private email conversations the Anons just shared with the world. This did not make de Vries happy. “I am not Anonymous,” de Vries told me during an agitated phone conversation last night. What attack? The reason Barr thought De Vries was the elusive X? Ipso facto, de Vries is Commander X. Anonymous and the global correction. The tendency to relate past events to what is possible in the present becomes more difficult as the scope of the geopolitical environment changes.

It is a useful thing, then, to ask every once in a while if the environment has recently undergone any particular severe changes, thereby expanding our options for the future. Terminology, let alone our means of exchanging information, has changed to such a degree that many essential discussions in today's "communications age" would be entirely incomprehensible to many two decades ago. As the social, political and technological environment has developed, some have already begun to explore new options, seizing new chances for digital activism - and more will soon join in.

It is time for the rest of the world to understand why. Service denied Already, such organisations are being established across Tunisia, just as they will be established elsewhere as the movement proceeds. The seeds of cyber revolution For great justice. Anonymous victim HBGary goes to ground. 16 February 2011. Last updated at 18:33. HBGary's website was replaced with a logo and statement from Anonymous. The computer security company hacked by members of activist group Anonymous has gone to ground as further revelations about its activities leak online.

HBGary has cancelled its appearances at public events, saying that members of staff had been threatened. It follows the release of internal documents which appear to show the firm offered to smear Wikileaks' supporters. HBGary officials said the online messages could have been altered prior to publication. The company's founder, Greg Hoglund had been scheduled to give a talk at the RSA Security conference in San Francisco this week, but pulled out at the last minute. The company also withdrew from an associated exhibition. "In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks," it said in a statement posted on its website. Government payload. Session Start: Mon Feb 07 03:17:59 2011 Session. Anonymous speaks: the inside story of the HBGary hack. It has been an embarrassing week for security firm HBGary and its HBGary Federal offshoot.

HBGary Federal CEO Aaron Barr thought he had unmasked the hacker hordes of Anonymous and was preparing to name and shame those responsible for co-ordinating the group's actions, including the denial-of-service attacks that hit MasterCard, Visa, and other perceived enemies of WikiLeaks late last year. When Barr told one of those he believed to be an Anonymous ringleader about his forthcoming exposé, the Anonymous response was swift and humiliating. HBGary's servers were broken into, its e-mails pillaged and published to the world, its data destroyed, and its website defaced. As an added bonus, a second site owned and operated by Greg Hoglund, owner of HBGary, was taken offline and the user registration database published.

Anonymous: more than kids HBGary and HBGary Federal position themselves as experts in computer security. Time for an injection. IMG/pdf/WikiLeaks_Response_v6.pdf. Software Firewalls: Made of Straw? Part 2 of 2 | Symantec Connect. By Israel G. Lugo, Don Parker In part one of this article series we looked at how a personal firewall actually works and where it taps into the network stack to do its filtering. In part two we look at how easily the firewall's operation can be circumvented by inserting a malicious Trojan into the network stack itself. Fooling the firewall: LSP Trojan over port 80 Let's look at one case where a personal firewall's functionality can be circumvented. By inserting a malicious LSP (Layered Service Provider) into the protocol stack, a malicious application could effectively become a part of the protocol stack itself, able to borrow valid connections made by valid processes and ride on top of them, altering outgoing or incoming data at will.

What better way for an attacker to send commands to his Trojan, and receive its output, than simply opening a valid and legitimate connection to, say, a valid public HTTP server running on the target machine? Software Firewalls: Made of Straw? Part 1 of 2 | Symantec Connect. By Israel G. Lugo, Don Parker The concept of a firewall still brings to mind the picture of an impenetrable brick wall, the unsurpassable magic protector of all that is good.

The bold statements made by today's security vendors only emphasize this, with claims of complete and automatic security, with a wall able to block all perils dead in their tracks using logic that perhaps didn't exist two years ago. But what if in reality the wall of the firewall is made of straw? To answer this question, we need to go over a few basic concepts. What does this mean from a design point of view? The first is at the actual packet level (layers 3 and 4 of the OSI model). The other component of the firewall works at a higher level, dealing with individual processes -- checking whether process X should be allowed to initiate a connection to a given host on a given port, whether it should be allowed to listen for connections on a given range of ports, and so on.

How is this done? The packet filter.