Friday, January 24, 2014

Operation Endeavour: The Tip of the Iceberg?

In mid-January 2014, reports began emerging of a cybersex ring that had recently been under investigation in the Philippines. Crime agencies across the UK, USA, Australia and the Philippines themselves have been working together since 2012 on a case codenamed Operation Endeavour, and results have recently started to be published in the media.
To date, the operation has seen twenty-nine arrests across twelve countries, with fifteen children identified as targets. The case is still ongoing, and more arrests are expected in the coming weeks. In the midst of a series of recent stories about child abuse both on the internet and offline, including the arrest of Lostprophets’ lead singer Ian Watkins, it may seem reasonable to conclude that the sharing of indecent content depicting children is at an all-time high. But is this true? Have the international legal authorities been seeing more crimes against children than ever before? And what challenges do they face when investigating such cases?

Sunday, January 19, 2014

Police get tool for patrolling social media


  1. Criminals are not always the smartest people. Most don’t tip off the police by bragging about a bank robbery on YouTube, but criminals do use social media to communicate, and police are paying attention.
  2. In a move that law enforcement officers might “like,” LexisNexis Risk Solutions’ Social Media Monitor will allow police to watch all social media channels to look for signs of criminal activity. As a new feature of the larger LexisNexis Accurint for Law Enforcement platform, Social Media Monitor lets law enforcement agencies discover risks and threats by leveraging social media. The system can target critical incidents such as gang violence, drug dealing, crimes against children and human trafficking.
  3. The program is already being beta tested at several agencies and local police forces across the county.
  4. According to LexisNexis, the impetus to create the program was a survey of 1,200 law enforcement officers that showed that four out of five of them research social media when pursuing cases. And when challenged, the use of social media sites as evidence for search warrants held up in court 87 percent of the time. But without a dedicated social media tool, officers are on their own when conducting investigations.
  5. Social Media Monitor can alert officers to potential areas of concern and help them identify posts or tweets within specific geographic locations. By entering a few search terms, law enforcement personnel are provided with a social canvas within minutes, adding a virtual dimension to traditional public records data. In a recent demonstration, LexisNexis officials showed how monitoring the Twitter feeds of gang members could help them learn code words, drug drops, meeting locations and criminal trends within cities or even larger demographic areas.
  6. Social Media Monitor is a Web-based platform with no software to install. It can work within specific geographical or jurisdictional areas and comes with a dashboard that allows officers to filter search results as needed.
  7. The program looks to be an elegant way of searching the huge ocean of social media and could empower individual officers as well as whole groups and departments. I plan to follow up with a full report on how the program is working once local officers have some more time with this fascinating piece of emerging technology. They may have a few success stories to share as well.
  8. Read More at http://goo.gl/b1qTU4

Digital forensic tools dig up hidden evidence faster



Government investigators and law enforcement officials filtering and searching for forensic evidence on computers can be overwhelmed by the frequency and complexity of digital investigations.
AccessData, a developer of stand-alone and enterprise-class digital investigation tools, has added features to its Forensic Toolkit that offer greater visibility into digital elements and artifacts left on computers to help ensure evidence is not missed.
Forensic Toolkit (FTK) version 5.1 now includes native support for Microsoft’s Volume Shadow Copy (VSC), a technology that allows taking manual or automatic backup copies or snapshots of data at a specific point in time over regular intervals. 
Now investigators can “easily identify and quickly examine ‘digital artifacts’ across different points in time, while leveraging all of the advanced features of FTK,” said Brian Karney, AccessData’s COO and president.

Full article at http://goo.gl/P3xjUB

Cops: Stamford Man Busted with Over 500 Child Porn Images on Computer

  1. Stamford Police announced late Thursday the arrest of a 43-year-old man on charges that he was in possession of more than 500 images of child pornography on his computer.  
  2. According to Lt. Diedrich Hohn, the Stamford Police Department's Digital Forensics Unit (DFU), in collaboration with the State's Attorney's Office, conducted an investigation into Efrain Martinez-Gutierrez after the DFU received information in October 2013 that hundreds of images of child pornography were being downloaded at his 31 Stephen Street address.
  3. On January 9, 2014, DFU executed a search warrant at the location and discovered numerous computers that could have been responsible for the downloads, Hohn said. The computers were seized, along with phones and thumb drives that belonged to multiple residents of a basement apartment there. They were then extensively analyzed, Hohn said.
  4. Hohn said it was determined the computer belonging to Martinez-Gutierrez contained over 500 images of child pornography on his hard drive. An arrest warrant was applied for and the suspect was located and arrested on January 16, 2014. 
  5. Martinez-Gutierrez was charged with first-degree possession of child pornography, importing child pornography and obscenity. He was held in lieu of a $75,000 bond. 
  6. Hohn acknowledged the work of Officers Kevin McKay and Mark Sinise for their "diligent work on this sensitive investigation."

Tuesday, January 14, 2014

Details of more than 18,000 members of the ‘Verified' Eastern European cyber crime forum were leaked by a rival gang.

18,000 suspected cyber criminals 'shopped' by rival gang

A major breakthrough in the fight against global cyber crime has come after details of more than 18,000 members of the ‘Verified' Eastern European cyber crime forum were leaked by a rival gang.
The information, held on a stolen database uploaded to Sendspace, includes the identities, passwords and IP addresses of 18,894 suspected criminals, as well as their private messages discussing crimes, which supposedly include online fraud attacks against British, American and Australian banks.
Experts say this is the first time such a goldmine of information has come into the hands of police and intelligence agencies, giving them the chance to catch some of the world's most notorious cyber criminals. It also could allow them to infiltrate other cyber crime forums by using shared passwords.

Read full report at http://www.scmagazineuk.com/18000-suspected-cyber-criminals-shopped-by-rival-gang/article/328803/

"In our high school, almost everyone in the 11th and 12th grade did it"

  1. It's easy to tell which kids in this town have helped to make it a global center for criminal hacking and Internet scams.
  2. They're the pupils who come to school wearing the best clothes and gold jewelry in a region of Romania where chickens are raised in yards and roads are full of potholes.
  3. This is how Romanians have described the hacking operations carried out against US firms.
Read full story at http://goo.gl/mAlrHl

Craziest Linux Distributions

  1. Ubuntu Satanic Edition: To be honest, this OS doesn’t really fit the name. Based on the Ubuntu 10.10 platform, this one seems more to be a dark themed distribution. But, it shows that there is at least one Ubuntu distro for everyone. You can download a live CD (called the ‘undead CD’) for this one if you want to try it. It was discouraged by many Linux users and many protested and complained against it.
  2. Hannah Montana Linux: Sometimes going your own way results in an excessively pink desktop background. Based on popular children’s character Hannah Montana, this OS was created to attract young users. It is a derivative of the Kubuntu OS, which changes the KDE menu to the Hannah Montana Menu. In addition, it doesn’t have applications like GIMP, LibreOffice or KOffice, which many who downloaded this OS complained about.
  3. Red Star OS: From Satanists and Hannah Montana fans to politicians. Red Star was the first ever politics themed Linux-based distribution created. It came up in North Korea back in 2002 in an effort made to replace Microsoft’s Windows as the primary OS of choice. It is available only in the Korean language and hosts a customised version of Mozilla Firefox, which is known as Naenara. It uses KDE 3.
  4. Apartheid Linux: This is perhaps the most offensive Linux-based distribution ever created. As the name suggests, Apartheid Linux is a racially charged operating system. It is based on PCLinuxOS and comes with wallpapers of the swastika etc.
Source: http://goo.gl/Lbb6hj

Monday, January 13, 2014

World's first insured bitcoin vault opens in UK

  1. The new bitcoin storage service offering insurance in the UK, named Elliptic Vault, uses "deep cold storage" techniques to secure the digital currency.
  2. Bitcoin keys are encrypted and stored offline. There are multiple copies, protected by layers of cryptographic and physical security.
  3. The copies are accessible only via a quorum of Elliptic's directors.

Cards Stolen in Target Breach Flood Underground Markets

Credit and debit card accounts stolen in a recent data breach at retail giant Target have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card, KrebsOnSecurity has learned.

See more at http://goo.gl/AQX8mk

More Well-known US Retailers Victims of Cyber Attacks

Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed.
 
Smaller breaches at three or more other well-known U.S. retailers took place and were conducted using techniques similar to those used on Target, according to the people familiar with the attacks. Those breaches have yet to come to light. Also, similar breaches may have occurred earlier last year.
http://goo.gl/otwMQx

Spotting the latest email hoaxes may be easier than you think!

There are thousands of email hoaxes moving around the Internet at any given time. Some may be the latest email hoaxes around. Others may be mutated versions of hoax messages that have travelled the Internet for years. These email hoaxes cover a range of subject matter, including:
  • Supposedly free giveaways in exchange for forwarding emails.
  • Bogus virus alerts.
  • False appeals to help sick children.
  • Pointless petitions that lead nowhere and accomplish nothing.
  • Dire, and completely fictional, warnings about products, companies, government policies or coming events.
Source: Hoax-Slayer. Read more at http://goo.gl/eDNIWZ

Sunday, January 12, 2014

Introduction to Penetration Testing


  1. What is penetration testing? Penetration testing, often called “pentesting”, “pen testing”, or “security testing”, is the practice of attacking your own or your clients’ IT systems in the same way a hacker would to identify security holes. Of course, you do this without actually harming the network. The person carrying out a penetration test is called a penetration tester or pentester.
  2. You can become a penetration tester at home by testing your own server and later make a career out of it.
https://community.rapid7.com/docs/DOC-2248

Thursday, January 9, 2014

Ten torrents sites to be aware of

Cyber Psycho-analysis: A new buzz word

Soft skills might become more important in the cyber war as criminals are expected to employ new strategies focusing not solely on the technology but on the user and his or her psychology. The tactics may include more convincing phishing emails and leveraging pop culture to trick the users.

'Syrian Electronic Army' hacks Skype's accounts in social networks

  1. Hackers from the so-called “Syrian Electronic Army” have gained access to Skype's blog and its official social network accounts. The intruders used the hacked accounts to post messages criticizing the NSA's mass surveillance programs, TechCrunch reports.
  2. One of the messages that the hackers posted on Twitter calls on Web users not to use mail services run by Microsoft, such as Hotmail or Outlook. The hackers claim that these services are monitoring their clients' accounts and selling information to governments.
  3. At present, the hackers' messages on Skype's blog and Facebook page have already been removed, while the messages on Skype's Twitter microblog are still there.
  4. Read more: http://voiceofrussia.com/news/2014_01_08/Sweden-fell-victim-of-foreign-hackers-intelligence-0261/
 

Sweden fell victim of foreign hackers - intelligence

  1. Hacking attacks last year targeting a number of Swedish state institutions, companies and colleges were masterminded by foreign intelligence services, the country's Local news agency reported, citing a source in Swedish intelligence.
    Read more: http://voiceofrussia.com/news/2014_01_08/Sweden-fell-victim-of-foreign-hackers-intelligence-0261/
 

Digital Forensics Framework

  1. DFF (Digital Forensics Framework) is free and open source computer forensics software built on top of a dedicated Application Programming Interface (API).
  2. It can be used by both professionals and non-experts to quickly and easily collect, preserve and reveal digital evidence without compromising systems and data.
  3. Features:
  • Preserve digital chain of custody: software write blocker, cryptographic hash calculation
  • Access to local and remote devices: disk drives, removable devices, remote file systems
  • Read standard digital forensics file formats: Raw, Encase EWF, AFF 3 file formats
  • Virtual machine disk reconstruction: VmWare (VMDK) compatible
  • Windows and Linux OS forensics: Registry, Mailboxes, NTFS, EXTFS 2/3/4, FAT 12/16/32 file systems
  • Quickly triage and search for (meta-)data: regular expressions, dictionaries, content search, tags, time-line
  • Recover hidden and deleted artifacts: deleted files / folders, unallocated spaces, carving
  • Volatile memory forensics: processes, local files, binary extraction, network connections
  4. Read more at http://goo.gl/XIyxiq

Saturday, January 4, 2014

FireEye Buys Mandiant for Nearly $1 Billion to Stamp Out Cyber Attacks

FireEye, a major enterprise security company, is hoping to better shield its customers from cyberattacks through its acquisition of privately held Mandiant for nearly US$1 billion.

See more at: http://www.computerworld.in/news/fireeye-buys-mandiant-for-nearly-$1-billion-to-stamp-out-cyber-attacks

Now Bitcoin Malwares Target Personal Computers

New Delhi: The Bitcoin craze is turning into fertile ground for cyber fraudsters as thousands of computers, including in India, are being infected with malware related to the virtual currency. The findings of a survey that has pegged the count of computers infected with bitcoin-related malware at at least 12,000 come at a time when regulators worldwide have flagged money laundering concerns about this popular virtual currency.


Check more at http://goo.gl/Sxj3vv