Archive for January 2009
Taken
Object Lesson 1: Never let a 17 year old girl travel ALONE to Paris
Object Lesson 2: If you are traveling outside the country DO NOT give out too much information about your vulnerabilities.. Like, hey, we’re 17 and staying ALONE in Paris at this apartment that we brought you to by cab!
Object Lesson 3: Do not piss off an ex operative for the CIA played by Liam Neeson by taking his daughter. Death is soon to follow… A painful one at that.
EDIT: MY FAVORITE PART
Sheik holding daughter in front as a human shield: “We can make a”
Liam with 9mm: BLAM
Sheik: Falls dead from headshot
Ahhhh….
Fannie Mae Logic Bomb
A logic bomb allegedly planted by a former engineer at mortgage finance company Fannie Mae last fall would have decimated all 4,000 servers at the company, causing millions of dollars in damage and shutting down Fannie Mae for a least a week, prosecutors say. 
Unix engineer Rajendrasinh Babubha Makwana, 35, was indicted (.pdf) Tuesday in federal court in Maryland on a single count of computer sabotage for allegedly writing and planting the malicious code on Oct. 24, the day he was fired from his job. The malware had been set to detonate at 9:00 a.m. on Jan. 31, but was instead discovered by another engineer five days after it was planted, according to court records.
Makwana, an Indian national, was a consultant who worked full time on-site at Fannie Mae’s massive data center in Urbana, Maryland, for three years.
On the afternoon of Oct. 24, he was told he was being fired because of a scripting error he’d made earlier in the month, but he was allowed to work through the end of the day, according to an FBI affidavit (.pdf) in the case. “Despite Makwana’s termination, Makwana’s computer access was not immediately terminated,” wrote FBI agent Jessica Nye.
Five days later, another Unix engineer at the data center discovered the malicious code hidden inside a legitimate script that ran automatically every morning at 9:00 a.m. Had it not been found, the FBI says the code would have executed a series of other scripts designed to block the company’s monitoring system, disable access to the server on which it was running, then systematically wipe out all 4,000 Fannie Mae servers, overwriting all their data with zeros.
“This would also destroy the backup software of the servers making the restoration of data more difficult because new operating systems would have to be installed on all servers before any restoration could begin,” wrote Nye.
As a final measure, the logic bomb would have powered off the servers.
The trigger code was hidden at the end of the legitimate program, separated by a page of blank lines. Logs showed that Makwana had logged onto the server on which the logic bomb was created in his final hours on the job.
So wait wait, let me see here. This guy was being fired for some error he had made in a script earlier in the month? But he was capable enough to formulate a plan and a script hidden within another script to destroy (albeit locally) all their data? What’s wrong with this picture huh? Sure, they did find the script, I will give them that, and perhaps he did not hide it well enough but, wtf?
Here are the critical errors that Fannie Mae made… Other than being another fuck ass piggy corrupt company.
1) They fired this guy and let him work the rest of the day? This implies a couple things
A) They had NO IDEA what he had been up to
B) They have NO FUCKING CLUE on how to deal with terminations
When you term someone you freeze their accounts and walk them out. It’s nice to think that you can tell someone they are losing their job and let them finish the day, but you have to be seriously smoking crack to think that they will not even think of retaliation or theft on the way out. Dumbasses.
2) Their termination reason seems somewhat off. I don’t buy it really. I think that they were up to something else. Perhaps they had suspicions that he was up to no good. Or, maybe they just wanted to let him go and have a semi-reasonable cover story for doing so. In the end, yeah, they were right to do so, but oh so wrong on follow through.
3) Ok, he wasn’t so much a mental genius. Hiding the code after two pages of blank? Yeah, next time hide it elsewehere fella.
All in all, I have seen the inside of the likes of Fannie Mae and they tend to be the WORST when it comes to security. Especially where security policies and procedures come to play. I am willing to bet that they did not even have a policy on terminations that involved immediate lockouts and walking out of the building. If they indeed did, then they were probably not following policy and procedure on a regular basis.
Ass clowns.
Now, they had better give the IT guy who found the logic bomb some bonus love… Or else they could find themselves with another disgruntled employee… Who has access and means….
You feelin me Fannie?
AQIM Algeria: Yersinia Pestis Update
Now some analysts dismissed outright this story saying it was totally fallacious. But a few observations at this point give credibility to this story, even though one cannot be sure of the provenance of the plague. Consider the following:
1. Algerian authorities have been totally silent. Reliable sources usually willing to share information declined to comment on this report. As can be expected, Algerians authorities were not too pleased that the story was confirmed by American sources. Indeed the Washington Times confirmed through a senior U.S. intelligence official that an incident had taken place at an AQIM training camp that had to be shut down as a result.
2. Coincidence or not: 60 terrorists from AQIM from Tizi Ouzou (the same region where the incident allegedly occurred) decided to surrender to the authorities. It is very rare that such a large number of AQIM operatives defect at the same time. That could mean that they possibly got really scared by what had taken place in the training camp and did not want to get involved in biological weapon experimentation that could likely result in their deaths.
3. Over a year ago, Pakistani terrorists came to train in AQIM training camps and may have one way or another contributed to the production of that biological agent. Interestingly, the Washington Times mentions an intercepted communication between AQIM leaders and AQ Central in Pakistan relating the mishap.
4. Al-Qaida operatives in Europe had tried to develop biological weapons in the recent past. In France, Menad Benchelalli, a terrorist specialized in poisons had produced small amounts of ricin and Botulinum toxin that he intended to release in France. He was arrested in 2002. Then in 2003, British authorities arrested seven individuals accused of also producing ricin.
5. AQIM was “hired” by AQ central mostly because of their extensive network in Europe that could allow them to strike Europe at some point. AQIM’s leadership has been under intense pressure to attack European targets in order to maintain its credibility. In fact, by not using a “conventional” weapon, AQIM would prove its value to AQ Central. If the group was indeed developing a biological weapon, it was surely destined for delivery in Europe, and most likely in France.
Interestingly, AQIM did not wait long to refute this story. On Jan. 21, in a communiqué the group accused “some hypocrites who quoted their masters at the Algerian intelligence agency” of being behind this false story. The group also noted that this story was planted to dry up the well of new AQIM recruits. If indeed that is the case, it might be a very smart strategy that maybe should be copied.
Another explanation for the alleged deaths of the AQIM operatives is very bad hygienic situation in the camps. Indeed, several former AQIM terrorists told the Algerian En-Nahar newspaper that living conditions are horrendous and that numerous deaths resulted from poor hygiene. They add that the AQIM emirs (chiefs) quarantine the sick right away, because the disease propagates itself very quickly.
Whatever the explanation, it seems that there have been unexplained deaths among AQIM operatives. At this point, the developments of this story and its possible implications need to be closely monitored. Indeed a nightmarish scenario could unfold if one of the infected individuals boarded a flight to Paris, London or New York. This person could become de-facto the means of “delivering” the weapon.
Since it’s all gone quiet, I suspect that the AQIM got their hands on some local YP (a body etc) or were storing some for a future mission and someone fucked up. Either way, I somehow doubt that it was all just an accidental infection that became aerosol… Possible, but given their history with CBRN play, I think its a safe bet.
Just how long will it be before AQ gets their hands on something a bit more “refined” one has to wonder. Their stated goal is to do so, and they are a patient bunch…
Thrift store MP3 player contains secret military files
(CNN) — A man walks into a thrift store.
It sounds like the opening line to a bad joke. And this case was a bad joke — for the Pentagon.
Chris Ogle of New Zealand was in Oklahoma about a year ago when he bought a used MP3 player from a thrift store for $9. A few weeks ago, he plugged it into his computer to download a song, and he instead discovered confidential U.S. military files.
“The more I look at it, the more I see, and the less I think I should be,” Ogle said with a nervous laugh in an interview with TVNZ.
The files included the home addresses, Social Security numbers and cell phone numbers of U.S. soldiers. The player also included what appeared to be mission briefings and lists of equipment deployed to hot spots in Afghanistan and Iraq. Most of the information appears to date to 2005.
The New Zealand journalist who first reported the story was able to contact at least one of the soldiers by dialing a phone number found in the files. He hung up once she explained why she was calling. 
Pentagon officials told CNN that they are aware of the MP3 player, but can’t talk about it until investigators confirm that the information came from the U.S. Department of Defense.
“The government isn’t doing a good job of protecting the information that it collects,” said Marc Rotenberg of the Electronic Privacy Information Center in Washington.
Despite government efforts to protect sensitive information, this is a growing problem, privacy experts say.
Two years ago, the Department of Veterans Affairs lost track of a laptop with the personal information of millions of soldiers. And computer hard drives with classified military information have been found for sale at street markets in Afghanistan.
“When you can identify American personnel, when you have their names, their home address, their cell phone numbers, you put people in a dangerous position,” Rotenberg said.
In this case, the personal information for several hundred soldiers landed in friendly hands. Ogle told CNN the MP3 player is being kept in a safe place and he will happily turn it over to U.S. military officials if they ask for it.
Yeah, just when will the military learn to disallow autorun AND to abolish the ability to use any USB drive on their systems?
Geez…
What you didn’t hear about in the news… At least I didn’t
Washington Regional Threat and Analysis Center
Daily Summary, #2009-036
Friday, 16 January 2009
UNCLASSIFIED //FOR OFFICIAL USE ONLY //LAW ENFORCEMENT SENSITIVE
FBI FIELD INTELLIGENCE GROUPS:
9 December 2008 Discovery of Radiological Dispersal DeviceComponents, Literature, and Radioactive Material at the Maine Residence of an Identified Deceased US Person
On 9 December 2008, radiological dispersal device components and literature, and radioactive materials, were
discovered at the Maine residence of an identified deceased USPER James Cummings. Cummings had possible
ties to white supremacist groups.
On 9 December 2008, four one-gallon containers of 35 percent hydrogen peroxide, lithium metal, thermite,
aluminum powder, beryllium, boron, black iron oxide, and magnesium ribbon were discovered at the
Cummings’ residence. (FBI comments: Literature on constructing ‘dirty bombs’; information referring to
cesium-137, strontium-90, and cobalt-60; and possible evidence linking James Cummings to white
supremacist groups were also discovered.)
(Source comments: Amber Cummings admitted to the shooting death of her husband James Cummings
citing years of mental, physical, and sexual abuse. Amber Cummings retained legal counsel upon being
questioned by law enforcement about any involvement with white supremacists. James Cummings was reported
to have inherited two million dollars and to have resided in multiple states prior to relocating to Maine.)
Amber Cummings indicated James was very upset with Barack Obama being elected President. She
indicated James had been in contact with ‘white supremacist group(s)’. Amber also indicated James mixed
chemicals in the kitchen sink at their residence and had mentioned ‘dirty bombs’. (Source comment: State
authorities detected radiation emissions in four small jars in the residence labeled ‘uranium metal’, as well as
one jar labeled ‘thorium.’ The four jars of uranium carried the label of an identified US company.)
FBI comment: Further preliminary analysis on 30 December 2008 indicated an unlabeled jar to be a second jar of
thorium. Each bottle of uranium contained depleted uranium 238. Analysis also indicated the two jars of
thorium held thorium 232.
An application for membership in the National Socialist Movement, which had been completed by James
Cummings was discovered.
FBI comments: Uranium, thorium, cesium-137, strontium-90, and cobalt-60 are radioactive isotopes. 35 percent hydrogen peroxide is a necessary precursor for the manufacture of peroxide-based explosives. Lithium metal, thermite, and aluminum are materials used to sensitize and amplify the effects of explosives. The identified US Company in this report sold the depleted uranium online.
Source: FBI IIR 4 218 1563 09
Found with Google while performing some Google hacking. Now, has anyone else heard about this in the media? I Googled some of the key names etc and did not come up with anything from any of the mainstream media.
Just thought you all might like to know…
Witches of Cornwall
Over the centuries, many in the British Isles have appealed to witches in times of need–to cure a toothache, concoct a love potion, or curse a neighbor. Witchcraft, the rituals of a number of pagan belief systems, was thought to offer control of the world through rites and incantations. Common as it has been over the past several centuries, the practice is secretive and there are few written records. It tends to be passed down through families and never revealed to outsiders. But archaeologist Jacqui Wood has unearthed evidence of more than 40 witchy rituals beneath her own front yard, bringing to light an unknown branch of witchcraft possibly still practiced today. 
Wood’s home is in the hamlet of Saveock Water in Cornwall, a county tucked in the far southwest corner of the country. For thousands of years people have raised crops and livestock in its fertile valleys, and its coastline of dramatic cliffs, secluded coves, and pounding surf was once a haunt for smugglers. Cornwall is a place time forgot; steeped in folklore, myth, and legend; and purported to be inhabited by pixies, fairies, and elves. So it should come as no surprise that it has also been home to the dark arts.
When I visit Saveock Water it is raining, which adds to its unearthly atmosphere. Wood, a warm lady with sparkling hazel eyes, greets me in her cozy white-washed barn while rain hammers on the roof. She moved to Saveock Water 15 years ago because it was an ideal location for her work in experimental archaeology, replicating ancient techniques, including those used in farming or metallurgy. Since then she has carried out her experiments, such as growing ancient crop varieties, unaware of what lay under her fields. In the late 1990s, Wood decided to do some metalwork research by re-creating an ancient kind of furnace. “I dug down into the ground to construct a shelter close to the furnace and I discovered a clay floor,” she says.
Full story at Archaeology Magazine
I found this story interested on many levels. One the one hand, the idea of myself living in Saveock someday is appealing. It seems quite a nice area of the UK and I would love someday to have a quiet cottage in a place like that. On the other hand, the whole archaeological process here is rather interesting. These “wells” or “holes” being actual ritual places and the process by which they have been determined to be so is fascinating. I also would love to and have thought about in the past, volunteering for a dig or two myself.
The last piece of the puzzle is that they carbon dated the sites and they spanned from pre-history to the 1950’s. Quite interesting in a “Wicker Man” sense!
Mac OS X research warns of stealthier attacks
Mac OS X research warns of stealthier attacks
, The Register 2009-01-22
A computer security researcher has discovered a new way to inject hostile code directly into the memory of machines running Apple’s OS X operating system, a technique that makes it significantly harder for investigators to detect Mac attacks using today’s forensics practices. 
The technique, which Italian researcher Vincenzo Iozzo plans to detail at the Black Hat security conference in Washington next month, makes it possible to carry out stealthy Mac attacks that until now have not been possible. The in-memory injection approach allows unauthorized software to be installed on a Mac without leaving traces of the attack code or other tell-tale signs that the machine has been compromised.
It just goes to show that even in a well designed system where the memory is randomized, there still is one memory spot that “needed” to be static. It was that static bit that brought down the security of that system’s design intent. I would also add that all those mac heads out there who think Mac OSX is invincible.. Think again…
The Obama Administrations Mandate on CyberSec
Did you ever have a dream Neo that seemed so real?
From the whitehouse.gov site
“We are here to do the work that ensures no other family members have to lose a loved one to a terrorist who turns a plane into a missile, a terrorist who straps a bomb around her waist and climbs aboard a bus, a terrorist who figures out how to set off a dirty bomb in one of our cities. This is why we are here: to make our country safer and make sure the nearly 3,000 who were taken from us did not die in vain; that their legacy will be a more safe and secure Nation.”
— Barack Obama, Speech in the U.S. Senate, March 6, 2007
The first responsibility of any president is to protect the American people. President Barack Obama will provide the leadership and strategies to strengthen our security at home.
Barack Obama and Joe Biden’s strategy for securing the homeland against 21st century threats is focused on preventing terrorist attacks on our homeland, preparing and planning for emergencies and investing in strong response and recovery capabilities. Obama and Biden will strengthen our homeland against all hazards -– including natural or accidental disasters and terrorist threats — and ensure that the federal government works with states, localities, and the private sector as a true partner in prevention, mitigation, and response.
- Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset and establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.
- Initiate a Safe Computing R&D Effort and Harden our Nation’s Cyber Infrastructure: Support an initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
- Protect the IT Infrastructure That Keeps America’s Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience.
- Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation’s trade secrets and our research and development. Innovations in software, engineering, pharmaceuticals and other fields are being stolen online from U.S. businesses at an alarming rate.
- Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
- Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.
Protect Our Information Networks
Barack Obama and Joe Biden — working with private industry, the research community and our citizens — will lead an effort to build a trustworthy and accountable cyber infrastructure that is resilient, protects America’s competitive advantage, and advances our national and homeland security. They will:
I hope that this can be made reality. There is a lot of work to do to get the assclowns in the private as well as the public sectors to make a change. It remains to be seen whether he can enforce these things… But, if we don’t take a stand, you had better start learning Chinese.
Loose Nukes
Exclusive: How Secure are Nukes in the U.S.?
- “War is a deception. A war is actually won through artfulness and wise and judicious actions. If one side has more weapons and means than the other side, but does not know the tricks of war and the ways of entrapping the enemy, it will lose the war despite its material superiority”.
- “Personal qualities required for fighters on the Islamic front. PATIENCE. The first quality that has been stressed is that of patience, without which no struggle can be waged for any cause”.
Krypt3ia 