Thursday, August 28, 2014

Former Cyber Security Chief in Charge of Obamacare Site Going to Jail for Heinous Online Activities

A former acting director of cyber security with top clearance at the Department of Health and Human Services has been convicted of several child pornography charges, after a yearlong investigation by the FBI.
As reported by the New York Daily News:


Timothy DeFoggi, 56, was found guilty of engaging in a child exploitation enterprise, conspiracy to advertise and distribute child pornography and accessing a computer with intent to view child pornography. He was listed as an employee with top clearance at the HHS up until January 2014, though he was charged and held without bail in May 2013.

But DeFoggi wasn’t only looking at pornographic pictures. It’s far worse than that.

His activities on the site included accessing child pornography and expressing sexual fantasies — including raping and murdering children — in his communication with other site members. DeFoggi even suggested meeting one member in person to fulfill their mutual fantasies to violently rape and murder children,” the Department of Justice said of DeFoggi’s activities.
Read more here.

Tuesday, August 5, 2014

FinFisher spyware docs detail surveillance limitations

A parody Gamma International Twitter account is releasing secret documents that detail FinFisher spyware limitations, spying modules, mobile capabilities, price list and antivirus detection of the malware typically sold to governments.

“Phineas Fisher” aka @GammaGroupPR, a parody Twitter account of the Gamma Group that specializes in FinFisher spyware, certainly knows how to snag attention. Its very first tweet announced, “Here at Gamma International, we've run out of governments to sell to, so we're opening up sales to the general public!”

Then come the links to leaked FinFisher documents stored in Dropbox, including a product brochure featuring FinFisher’s selection of monitoring software and capabilities (pdf), user manual with troubleshooting tips for setting up a FinSpy server, price list, release notes for FinSpy Mobile 4.51, and another document that spells out how well the spyware does on Windows Mobile devices.
WikiLeaks Spy Files first released documents detailing FinFisher in 2011. Citizen Lab research from 2012 showed how the sneaky FinFisher surveillance had gone mobile. The leaked documents via @GammaGroupPR are the newest, with some dated April 2014.

Read more here.

Friday, August 1, 2014

Hackers Tap Into USB Devices, Evade All Known Security Protections

BOSTON (Reuters) - USB devices such as mice, keyboards and thumb-drives can be used to hack into personal computers in a potential new class of attacks that evade all known security protections, a top computer researcher revealed on Thursday.

Karsten Nohl, chief scientist with Berlin's SR Labs, noted that hackers could load malicious software onto tiny, low-cost computer chips that control functions of USB devices but which have no built-in shields against tampering with their code.

"You cannot tell where the virus came from. It is almost like a magic trick," said Nohl, whose research firm is known for uncovering major flaws in mobile phone technology.
The finding shows that bugs in software used to run tiny electronics components that are invisible to the average computer user can be extremely dangerous when hackers figure out how to exploit them. Security researchers have increasingly turned their attention to uncovering such flaws.