2015年1月24日 星期六

---Posted by chivalrous *Anonymous Legion (1) air strikes message ISIS / ISIL's [Military Airstrikes Continue Against #Syria and #Iraq:.! Http://www.centcom.mil/en/news/articles/jan.- 24-military-airstrikes-continue-against-isil-in-syria-and-iraq ...] -. (2) Army camouflage anonymous '' LulzSecMafia Pwns '' brought to light whereabouts on Twitter, be anonymous legion discover, expose its scandalous '' LulzSecMafia Pwns #Sweden '' - (3) Syrian Army electronic hacker Twitter account,, French newspaper Le Monde and Le Monde accused the Syrian government of supporting terrorism in France. - (4) Where the layout of the network between the US and China red => Iranian hackers are there blood on Iran's nuclear program as the United States continued destruction of the consequences. <= (5) .DDoS on the rise: the AK-47 of cybercrime [http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime ...] - (6 ) .. Chinese cyber elements now hack Microsoft Outlook [http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7) .CoinFire site and Twitter account hacked [http: // cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked ...] - (8) .It's Windows "10" because it's 10 years behind #opensource ~ [Http://www.computerworlduk.com/blogs/open-ent] - ---由俠義匿名軍團發佈(1).在ISIS/ISIL的空襲消息![Military Airstrikes Continue Against #Syria and #Iraq: http://www.centcom.mil/en/news/articles/jan.-24-military-airstrikes-continue-against-isil-in-syria-and-iraq …]-(2).僞裝匿名軍團的''LulzSecMafia Pwns''在推特上敗露行蹤,被匿名軍團及時發現,揭露其醜行''LulzSecMafia Pwns #Sweden''-(3).敘利亞陸軍電子黑客Twitter賬戶法國世界報,,指責說世界報和法國政府的支持恐怖主義的敘利亞。-(4).凡繪製網絡紅線美國和中國之間=>伊朗的黑客都在那裡血液作為對伊朗核計劃美國持續的破壞後果 。 <=(5)在上升.DDoS:在AK-47網絡犯罪[http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime...] - (6)..中國網絡元素現在破解的Microsoft Outlook[http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7).CoinFire網站和Twitter賬戶黑客攻擊[HTTP:// cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked...] - (8)。它的Windows的“10”,因為它的背後#opensource10年〜[HTTP:// WWW。 computerworlduk.com/blogs/open-ent] - **USA/UK/SEAOUL KOREAN/TW/MACAU(FDZ)/HKS/FR/JP/UKN/DE/FA/POL/VI/ESP`/CO/ARG/PY/MEX/MO/AUST./RU/HO/MAL/NW/CA/IT/PH/Swedis/Mongolian/TUR/Arabic/Latin/INDON./Greek/Dansk/THAI/......All the world lauguage**-

---Posted by chivalrous *Anonymous Legion (1) air strikes message ISIS / ISIL's [Military Airstrikes Continue Against #Syria and #Iraq:.! Http://www.centcom.mil/en/news/articles/jan.- 24-military-airstrikes-continue-against-isil-in-syria-and-iraq ...] -. (2) Army camouflage anonymous '' LulzSecMafia Pwns '' brought to light whereabouts on Twitter, be anonymous legion discover, expose its scandalous '' LulzSecMafia Pwns #Sweden '' - (3) Syrian Army electronic hacker Twitter account,, French newspaper Le Monde and Le Monde accused the Syrian government of supporting terrorism in France. - (4) Where the layout of the network between the US and China red => Iranian hackers are there blood on Iran's nuclear program as the United States continued destruction of the consequences. <= (5) .DDoS on the rise: the AK-47 of cybercrime [http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime ...] - (6 ) .. Chinese cyber elements now hack Microsoft Outlook [http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7) .CoinFire site and Twitter account hacked [http: // cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked ...] - (8) .It's Windows Security Gladiators - Care to be Security Gladiator"10" because it's 10 years behind #opensource ~ [Http://www.computerworlduk.com/blogs/open-ent] -
CoinTelegraph.com---由俠義匿名軍團發佈(1).在
ISIS/ISIL的空襲消息![Military Airstrikes Continue Against  #Syria and #Iraq: http://www.centcom.mil/en/news/articles/jan.-24-military-airstrikes-continue-against-isil-in-syria-and-iraq …]-(2).僞裝匿名軍團的''LulzSecMafia Pwns''在推特上敗露行蹤,被匿名軍團及時發現,揭露其醜行''LulzSecMafia Pwns #Sweden''-(3).敘利亞陸軍電子黑客Twitter賬戶法國世界報,,指責說世界報和法國政府的支持恐怖主義的敘利亞。-(4).凡繪製網絡紅線美國和中國之間=>伊朗的黑客都在那裡血液作為對伊朗核計劃美國持續的破壞後果 。
<=(5)在上升.DDoS:在AK-47網絡犯罪[http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime...] - (6)..中國網絡元素現在破解的Microsoft Outlook[http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7).CoinFire網站和Twitter賬戶黑客攻擊[HTTP:// cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked...] - (8)。它的Windows的“10”,因為它的背後#opensource10年〜[HTTP:// WWW。 computerworlduk.com/blogs/open-ent] -
**USA/UK/SEAOUL KOREAN/TW/MACAU(FDZ)/HKS/FR/JP/UKN/DE/FA/POL/VI/ESP`/CO/ARG/PY/MEX/MO/AUST./RU/HO/MAL/NW/CA/IT/PH/Swedis/Mongolian/TUR/Arabic/Latin/INDON./Greek/Dansk/THAI/......All the world lauguage**-




-**Please use the god home use Google translator to translate the language of your country or city Oh ^^-
-**請各位用家善用谷歌大神的翻譯器,來翻譯你們的國家或城市的語言喔^^-
-**국가 또는 도시 ^^ 언어를 번역하는the 하나님의 가정에서 사용하는 구글 번역기를 사용하십시오-
-**Se il vous plaît utiliser l'utilisation de la maison de Dieu traducteur de Google pour traduire la langue de votre pays ou ville Oh ^^-
-**あなたの国や都市ああ^^の言語を翻訳するために神の家庭用のGoogle翻訳を使用してください -
-**Будь ласка, використовуйте бог домашнього використання перекладач Google перевести мову вашої країни або міста Oh ^^-
-**Bitte benutzen Sie den Gott den Heimgebrauch Google Übersetzer, um die Sprache Ihres Landes oder Stadt Oh ^^ übersetzen-
-**Käytäthe jumala kotikäyttöön Googlen kääntäjä kääntääthe kieli maata tai kaupunkia Oh ^^-
-**Proszę używać korzystania bóg startowej Google Translator przetłumaczyć język kraju lub miasta Oh ^^-
-**Vui lòng s dng vic s dng thn ch Google phiên dch đ dch các ngôn ng ca đt nước, thành ph ca bn Oh ^^-
-**Utilice el uso dios casa traductor de Google para traducir el idioma de su país o ciudad Oh ^^-
-**Utere deo, domum usu translator Google Translate to the language of patriae, civitatem O ^^-
-**Пожалуйста, используйте бог домашнего использования переводчик Google перевести язык вашей страны или города Oh ^^ -
-**Gebruik de god thuisgebruik Google vertaler naar de taal van uw land of stad Oh ^^ vertalen-
-**Sila gunakan digunakan di rumah tuhan penterjemah Google untuk menterjemahkan bahasa negara atau bandar anda Oh ^^-
-**Bruk gud hjemmebruk Google oversetter til å oversette språket i landet eller byen Oh ^^-
-**Si prega di utilizzare l'uso dio Home page di Google traduttore per tradurre la lingua del proprio paese o città Oh ^^-
-**Mangyaring gamitin ang bahay diyos paggamit tagasalin ng Google upang i-translate ang wika ng iyong bansa o lungsod Oh ^^-
-**Använd guden hemmabruk Google översättare att översätta språket i ditt land eller stad Oh ^^-
-**الرجاء استخدام استخدام إله المنزل مترجم جوجل لترجمة لغة بلدك أو المدينة أوه ^^-
- **Utere deo, domum usu translator Google Translate to the language of patriae, civitatem O ^^-
-**Silahkan gunakan penggunaan dewa rumah Google translator untuk menerjemahkan bahasa negara atau kota Oh ^^-
-**Brug venligst gud hjemmebrug Google oversætter til at oversætte sproget i dit land eller by Oh ^^-
-**Παρακαλώ χρησιμοποιήστε το θεό οικιακή χρήση του Google μεταφραστή να μεταφράσει τη γλώσσα της χώρας ή της πόλης σας Ω ^^-
-**กรุณาใช้theใช้งานที่บ้านพระเจ้าของ Google แปลที่จะแปลภาษาของประเทศหรือเมืองของคุณโอ้ ^^the-
-**Bonvolu uzi la dio hejmo uzo Google tradukisto por traduki la lingvon de via lando aŭ urbo Ho ^^- ** 


 *Note: This sharing by Anonymous~
 (1) air strikes message ISIS / ISIL's [Military Airstrikes Continue Against #Syria and #Iraq:.! Http://www.centcom.mil/en/news/articles/jan.- 24-military-airstrikes-continue-against-isil-in-syria-and-iraq ...]
 Jan. 24: Military Airstrikes Continue Against ISIL in Syria and Iraq CJTF - Operation Inherent Resolve News Release.
 January 24, 2015

SOUTHWEST ASIA - On Jan. 23, U.S. and Coalition military forces continued to attack ISIL terrorists in Syria, using attack, bomber, fighter, and remotely piloted aircraft to conduct 13 airstrikes. Separately, U.S. and Coalition military forces conducted 13 airstrikes in Iraq, using attack, bomber, fighter, and remotely piloted aircraft against ISIL terrorists. All strikes took place between 8 a.m., Jan. 23, and 8 a.m., Jan. 24, local time.
The following is a summary of the strikes conducted since the last press release:
Syria
* Near Kobani, 12 airstrikes struck eight ISIL tactical units and a large ISIL unit and destroyed an ISIL vehicle, an ISIL building, and eight ISIL fighting positions.
* Near Al Hasakah, an airstrike destroyed an ISIL mobile oil drilling rig.
Iraq
* Near Al Qaim, an airstrike destroyed an ISIL weapons production facility.
* Near Mosul, five airstrikes struck two large ISIL units, an ISIL choke point, an ISIL culvert, and four ISIL roads, and destroyed an ISIL culvert and an ISIL vehicle.
* Near Ramadi, an airstrike destroyed an ISIL vehicle.
* Near Tal Afar, five airstrikes struck a large ISIL unit, two ISIL tactical units, an ISIL cantonment area, and an ISIL vehicle, and destroyed an ISIL building, six ISIL vehicles, an ISIL bunker, two ISIL shipping containers, and two ISIL checkpoints.
* Near Erbil, an airstrike destroyed an ISIL shipping container, two ISIL vehicles, and three ISIL earth moving vehicles.
Airstrike assessments are based on initial reports. All aircraft returned to base safely.
The strikes were conducted as part of Operation Inherent Resolve, the operation to eliminate the ISIL terrorist group and the threat they pose to Iraq, Syria, the region, and the wider international community. The destruction of ISIL targets in Syria and Iraq further limits the terrorist group's ability to project terror and conduct operations. Coalition nations conducting airstrikes in Iraq include the U.S., Australia, Belgium, Canada, Denmark, France, Netherlands, and the United Kingdom. Coalition nations conducting airstrikes in Syria include the U.S., Bahrain, Jordan, Saudi Arabia, and the United Arab Emirates.


 ===============================================

 1月24日:軍事空襲繼續與ISIL在敘利亞和伊拉克
CJTF -操作固有解析新聞發布
 發布#2015024
即時發布
 西南亞- 1月23日,美國和聯軍部隊繼續攻擊ISIL恐怖分子在敘利亞,使用攻擊,轟炸機,戰鬥機和遙控飛機進行空襲13。 另外,美國和聯軍部隊在伊拉克進行空襲13,使用攻擊,轟炸機,戰鬥機和遙控飛機對ISIL恐怖分子。 所有的罷工8日上午,1月23日,早上8點,1月24日,當地時間之間發生。
以下是自上次新聞發布會進行了罷工的摘要:
敘利亞
*近Kobani,12空襲擊中8 ISIL戰術單位和大單位ISIL和銷毀的車輛ISIL,一個ISIL建設,8 ISIL陣地。
*近哈塞克,空襲摧毀了ISIL移動鑽井平台。
伊拉克
*近鋁凱姆,空襲摧毀了ISIL武器生產設施。
*在摩蘇爾附近,五空襲擊中兩個大ISIL台,同比ISIL瓶頸,一個ISIL涵,四ISIL道路,並摧毀了一個ISIL涵和ISIL車輛。
*拉馬迪附近,空襲摧毀了ISIL車輛。
*近了泰勒阿費爾,五空襲擊中一個大ISIL單元,2 ISIL戰術單位,一個ISIL駐紮區和ISIL車輛,並摧毀了一個ISIL建設,六ISIL輛,同比ISIL掩體,二ISIL集裝箱,以及兩個ISIL檢查站。
*埃爾比勒附近,空襲摧毀了ISIL海運集裝箱,二ISIL車,三ISIL推土車。
空襲評估是根據初步報告。 所有飛機返回安全基地。
罷工進行了由於操作固有解析部分,操作消除ISIL恐怖組織和它們對伊拉克,敘利亞,區域構成的威脅,以及更廣泛的國際社會。 在敘利亞和伊拉克ISIL目標的破壞進一步限制了恐怖組織的項目恐怖和行動能力。 聯盟國家在伊拉克進行空襲,包括美國,澳大利亞,比利時,加拿大,丹麥,法國,荷蘭和英國。 聯盟國家開展在敘利亞的空襲包括美國,巴林,約旦,沙特阿拉伯和阿聯酋。

 ========================================

LulzSecMafia Pwns Sweden for #Anonymous’ #SaveSweWolves

on  Spirit of the Wolf by Alice Popkorn on Flickr
 Spirit of the Wolf by Alice Popkorn on Flickr.
  LSM | #SaveSWEWolves @LulzSecMafia
Time for more Sweden Punishment.. We can't let @_Cryptosphere down now can we?

Gee, all we said was “Keep us in the loop.” Great, now we can never go to Stockholm.
The evocatively-named LulzSecMafia crew have indeed been hacking quite a swathe through the Swedish internet, and even a particular Swedish thermostat, located in the police HQ, as we reported yesterday. In the 24 hours since our article went live, the TANGODOWN count has swelled. We briefly interviewed the crew spokesperson via Twitter DM, and here’s what s/he had to say.
They first got our attention by @’ing us directly. “ Don’t recon you could add us to the article would ya?” they inquired modestly. “I think you’re already in it, aren’t you? turning down the heat was a lovely touch,” we replied.
They told us the crew is not Swedish, and they got involved in this issue because doing so was a moral imperative. “We fight for what’s right. And a massive wolf slaughter is far from it. We’re around because its about time someone came back to provide support for not only human rights but animals’ too.”
The list of hacks they claimed includes Swedish Visa (credit card), VF.se (NOT actually Swedish Vanity Fair), the Swedish Secret Police, The Swedish Ministry of Employment, Ministry of Justice, Ministry of Defence, Polisen.se (Swedish non-secret Police), the UN Report on Human Rights in Sweden, Ministry of Forests, and the Swedish Armed Forces. And, yes, the Royal Family’s website. They also released the administrator username and password for e-horizon.se, a Swedish mobile service provider.
Most, but not all, of the sites are back up at press time, and in between taking shots at Japan and other targets in support of OpKillingBay and OpSeaWorld, they’ve been firing at some more Swedish targets, like http://www.arbetslivsinstitutet.se/, a national research institute specializing in occupational issues.
Oh, and the government of Utah.

  LSM | #SaveSWEWolves @LulzSecMafia
Well that was easy. All http://utah.gov  domains are offline. http://check-host.net/check-report/5b738d 
 View image on Twitter
 Supporters tweeted links not simply to the downed targets, but also to web analysis site Check Host, to prove that they were the authentic sites, and the targets were indeed down; some tricksy “hackers” will simply tweet an artificial link they know does not work and claim a “tangodown” but it’s clear these were the real thing. “We always try to prove our work. Specially DDoS,” they told us. They call their DDoS botnet “The Jaberwocky.”

  cαηυѕ єℓυѕινυѕ @MaLrw3
And yes, we are aware theses are DDoS attacks which in the context of our goal serve a larger purpose

LulzSecMafia confirmed to us that the majority of attacks were simple DDoS attacks, more or less like having a mob come to the front door and block the way so other visitors can’t get in. Anonymous and other hacktivist groups have always asserted this is a legitimate exercise of free speech, most notably in the Paypal 14 case.
Governments and website owners tend to disagree.
It wasn’t all botnets and tangodowns, though. To immense applause (retweets, favorites, and the like serving in lieu of actual physicality) there were some straight-up hacks and even a prank.

  DⒶʀKᙡiNɢ #FreeBB @_Anonymous_swe_
@Swedbank by @LulzSecMafia In solidarity to -> creditnumbers -> https://pastee.org/gxnpu 

At first glance, leaking credit card numbers, card security numbers, and expiry date is a rather sweepingly abusive action; why victimize all those innocent Swedbank customers? But wait, can the card numbers be used without the actual names, which were deliberately and conspicuously omitted?
“Not really,” LulzSecMafia told us. “Which is why we only showed the card numbers. Even as black hats we still have some morals, lol.”
As for pranks, how’s this?
 View image on Twitter

  LSM | #SaveSWEWolves @LulzSecMafia
Weve taken over Swedens Secret Service's printer. For the next 2hrs, they will see is the victims of .

Gaming the printer to only print out dead Swedish wolves is psyops of the most elegant kind.
Looks like LulzSecMafia had some help, though.
 View image on Twitter
  Gator League @GatorLeague
The Royal Court of Sweden http://www.kungahuset.se  @MaLrw3
 GatorLeague is, like LulzSecMafia an Anonymous-allied (but not OF Anonymous) crew who have in the past claimed a particularly high-profile kill: the GCHQ website. In other words, the British Secret Police. So when they went after Swedish target in support of the Op, they weren’t going to go for the low-hanging fruit.
 View image on Twitter
  Gator League @GatorLeague
Official site of Sweden? We threw them on the ground!!! http://www.sweden.se  @LulzSecMafia @ChezisMe


  Gator League @GatorLeague
Enough DDOS attacks. Let's leak some shit! Fav for Swedish leaks! RT for France leaks! Decision made at 10 interactions!


At least they’re admirably social and interactive. Now that’s a 21st Century hacker crew!
  Gator League @GatorLeague
Swedish databases, we're coming... Everyone, keep your eyes peeled for tomorrow.


 ===========================================

LulzSecMafia Pwns瑞典#匿名'#SaveSweWolves

 狼的愛麗絲Popkorn Flickr上的精神
 狼的愛麗絲Popkorn Flickr上的精神

 時間更多瑞典的處罰。我們不能讓@_Cryptosphere下來,現在我們可以? #LulzSecMafia #SaveSweWolves
- #LulzSecMafia(@LulzSecMafia) 2015年1月22日

 嘖嘖,所有我們說的是“保持我們的循環。”太好了,現在我們永遠不能去斯德哥爾摩。
在喚起名為LulzSecMafia劇組確實被黑客通過瑞典互聯網相當裹,甚至一個特定的瑞典恆溫,位於警察總部 ,正如我們昨天報導。 在24小時內,因為我們的文章去住,該TANGODOWN數量已經增加。 我們簡單地採訪了通過Twitter DM船員代言人,而這裡就是他/她說的話。
他們首先得到了我們的注意通過@“荷蘭國際集團直接我們。 不要偵察,你可以加入我們的文章會吧?“他們問謙虛。 “我想你已經在這,不是嗎? 調低熱量是一個可愛的接觸,“我們說。
他們告訴我們的工作人員是不是瑞典,他們被捲入了這個問題,因為這樣做是一種道義上的當務之急。 “我們爭取什麼是正確的。 和一個巨大的狼屠殺卻遠非如此。 我們在身邊,因為其對一次有人回來,為不僅人權,而是動物的支持了。“
黑客聲稱,他們的名單包括瑞典簽證 (信用卡), VF.se (實際上不是瑞典名利場),在瑞典秘密警察就業的瑞典外交部司法部國防部Polisen.se (瑞典非-secret警察), 在瑞典的人權在聯合國的報告省森林和瑞典武裝部隊。 是的,皇室的網站。 他們還發布了管理員的用戶名和密碼e-horizon.se ,瑞典移動服務提供商。
大多數,但不是所有的網站都回到了截至記者發稿時,並採取在日本拍攝等目標,支持OpKillingBay和OpSeaWorld之間,他們已經在射擊多一些瑞典的目標,比如HTTP:// WWW .arbetslivsinstitutet.se / ,一個國家研究所專門從事職業的問題。
哦,還有政府猶他州
支持者啾啾鏈接不是簡單地被擊落的目標,而且要網絡分析現場檢查主機,以證明他們是真正的網站,而且目標確實是下跌; 一些調皮的“黑客”只會鳴叫他們知道不工作,並要求“tangodown”人工鏈接,但很明顯這些都是真實的東西。 “我們總是試圖證明我們的工作。 特別是DDoS攻擊,“他們告訴我們。 他們稱自己的DDoS殭屍網絡“的Jaberwocky。”
LulzSecMafia向我們證實,大多數攻擊是簡單的DDoS攻擊,或多或少就像有一個暴徒走到門口,阻撓方式,使其他旅客不能在匿名和其他黑客行動主義組織一直聲稱這是一種正當行使言論自由的,最主要的是在支付寶14的情況下。
各國政府和網站所有者往往不同意。
那是不是所有的殭屍網絡和tangodowns,雖然。 以巨大的掌聲(銳推,收藏夾等代替實際肉體的服務)有一些直線上升黑客甚至惡作劇。
乍一看,洩露信用卡號碼,卡的安全號碼和到期日是一個比較籠統虐待行為; 為什麼受害那些無辜的瑞典銀行的客戶? 但是別急,可以在不實際的名稱,這是故意省略突出使用的身份證號碼?
“不是真的,”LulzSecMafia告訴我們。 “這就是為什麼我們只顯示卡號。 即使是黑帽子,我們還是有一定的道德,笑。“
至於惡作劇,這個怎麼樣?
遊戲只打印出死瑞典狼打印機是最優雅的一種心理戰。
貌似LulzSecMafia有一些幫助,但。
GatorLeague是,像LulzSecMafia匿名結盟(但不是匿名的)乘務員誰在過去聲稱特別高調殺: 在GCHQ網站 換句話說,英國秘密警察。 所以,當他們支持運算瑞典目標後去了,他們不會去低掛水果。
至少他們是令人欽佩的社會和互動。 現在這是一個21世紀的黑客船員!

 ==================================================

Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde

0
- See more at: http://www.techworm.net/2015/01/syrian-electronic-army-hacks-twitter-account-french-newspaper-le-monde.html#sthash.SlJRE6Wp.dpuf
 Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde0
By Abhishek Kumar Jha on January 21, 2015

Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde

0
- See more at: http://www.techworm.net/2015/01/syrian-electronic-army-hacks-twitter-account-french-newspaper-le-monde.html#sthash.SlJRE6Wp.dpuf
 Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde

 The Syrian Electronic Army hacks Twitter account of the French Newspaper Le Monde blaming that Le Monde and French government supported terrorism in Syria.

The pro- Bashar Al-Asad hackers Syrian Electronic Army earlier today hijacked the official Twitter account of French daily newspaper ‘Le Monde’ and posted several incriminating tweets blaming the Daily Newspaper of supporting terrorism in Syria alongside the french Government.

The hackers tweeted, the Syrian Electronic Army was here” #SEA #SYRIA, In French.

 Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde
 followed by several tweets.
 Syrian Electronic Army hacks twitter Account of French Newspaper Le Monde
 View image on Twitter
 
View image on Twitter
.@lemondefr Twitter account apparently hacked by Syrian Electronic Army

 The Twitter Account was temporarily suspended after the hack attack. however it is back online now and the tweets posted by the Syrian Electronic Army were deleted.

After gaining back the control, Le Monde tweeted that- After hacking into our account, our teams have now taken the hand. We apologize for any fraudulent posts on our behalf. (Google Translation)
- See more at: http://www.techworm.net/2015/01/syrian-electronic-army-hacks-twitter-account-french-newspaper-le-monde.html#sthash.SlJRE6Wp.dpuf


  Le Monde         @lemondefr
Après le piratage de notre compte, nos équipes ont désormais repris la main. Nos excuses pour les messages frauduleux postés en notre nom.

 Syrian Electronic Army later tweeted from their official Twitter account that, We have successfully hacked Le Monde and we will never fail to deliver our message of peace and anti-terrorism. blaming the newspaper and french government for supporting the terrorism in Syria.

  SyrianElectronicArmy @Official_SEA16
The Syrian Electronic Army condemns terrorism in France, but @LeMondefr and French government supported terrorism in .


 ============================================
 Security Gladiators - Care to be Security Gladiator

Where to Draw Cyber Red Lines Between US and China

 Where To Draw Cyber Red Lines Between US And China
 Looking back at cyber threats in 2014 , pictures a landscape that is continually changing with cyber actors growing in sophistication and complexity. The volume of cyberattacks have increased significantly especially those targeting US companies and federal agencies. What probably never change is the list of cyber aggressors with China, Russia, US, Iran and North Korea topping the list of the most active cyber actors on this front.
Notably, US and China have locked horn severally in this past year, as both countries trade accusation of cyber espionage against each other. Sometimes it's difficult to tell who the victim is or the aggressor between these two cyber giants. Maybe china is too aggressive or Americans started a cyber-war that is bigger than them, by poking their noses in other people's cyberspace.
As a result, relations between Beijing and Washington have grown from worse to worst over the past 12 months. FBI director James Comey is on record saying China has crossed the Red line, which begs the question, are there set red lines on the Cyberspace? What would be the consequences of crossing these presumed red lines?
Well, unlike in physical world where crossing the territorial lines is outright act war, it is difficult to tell when or where these red lines are crossed on the cyber space. For instance, many considered the latest hack at Sony Inc. as an outright act against America but President Obama ruled out any military action against North Korea. NSA director Adm. Michael Rodgers has in the past said cyber-attacks from china could topple US power grids , aviation systems and satellites but we are yet to witness any decisive action from Whitehouse.
Experts and academicians believe US and China would not allow any cyber aggression to escalate to the extent of a physical war. Actually, these two cyber giants separated by the pacific have a lot of shared Economic interest that would supersede any provocation to war. “These countries will each have their own defenses, [but] we know where the bottom lines lie — we know things we would never try or never do,” said Guo Guangchang, chairman of the Chinese investment giant Fosun International.
Since physical war is not an option maybe it's time for these states to sit down and Iron out their differences, a sentiment echoed by experts in both Beijing and Washington. “We need to discuss these problems more and more. Chinese [people] are not monsters. They are not trying to launch a new world war,” says Guangchang.
“The US-China relationship is an incredibly broad one — it's deep, and it's complex, and there are going to be issues that we're not likely to see eye to eye on easily or very quickly ,but that doesn't mean we can't figure out ways to talk about them,” says a US official who sought of speak under anonymity.
More importantly, any cyber discussion between US and China would be useless without involving emerging cyber powers such as Iran and North Korea who have a significant impact on this conflict. Experts believe North Korean hackers are increasing routing cyber-attacks through china as a disguise. A recently released report by Hewlett-Packard confirmed that North Korea state cyberattack units conduct their “operations from within China” which only worsen the already frosty relationship between US and China.
The Recent hack on Sony Inc. is enough prove of North Korea's cyber capabilities. The FBI promised to “identify, pursue, and impose costs and consequences on individuals or nation states” involve while President Obama vaguely said White House would “respond proportionately”, something that never sat well with many Americans, who expected an immediate and swift response from Obama administration. All said and done, the incidence underscores the importance of involving North Korea when drawing the cyber space red lines.
Iran is the new kid on the block causing sleepless night to Americans, with many calling her the “new China,” more aggressive than Russia. A report by Cylance security firm indicate that Iranian state backed hackers targeted over 50 top notch companies and Agencies in US, UAE, South Korea, England, Germany and France in the last two years.
Notably, Iranian hackers are out there for blood as a consequence of US continuous sabotage of Iran's nuclear programs . As a result Iranian hacker now pose an eminent threat to US critical infrastructure including energy firms, power grids, Commercial airlines and weather systems, a factor that grants Iran a seat at the discussion table.
Only time will tell whether US, Russia China, Iran and North Korea will amicably agree to end the ongoing cyber aggression against each other and more importantly, agree on where to draw the cyber red lines. Notably, cyber peace will be found if these countries respect the outcomes of negotiations and so long as US learn to keep its cyber-curiosity in its pants.
 
Top/Featured Image: By Iecs / Wikipedia (http://commons.wikimedia.org/wiki/File:FlagUSA_FlagPRC_crash.svg)


 =============================
 

US Experts: Iranian Hackers Targeting Airlines and Energy Firms Says

 Iranian Hackers Targeting Airlines and Energy Firms
 Iranian state-backed hackers have been working on intelligence gathering campaign which targeted companies and Airlines from US and its Western Allies. A report by Cylance security firm indicate Iran's Cyber capabilities are growing at an alarming rate and could easily surpass traditional Cyber aggressors, Russia and China.
Iran has always ranked low in the pecking order when it comes to countries that poses a threat to global network infrastructure. The paradigm seems to have shifted with latest security heads up by Cylance security firm , indicating that Iranian state backed hackers could easily pull down global infrastructure including commercial airline and weather system in the coming days.
Cylance's report indicate that an Iranian based hackers' groups have targeted over 50 companies and government Agencies for the last two years. High priority targets include Commercial airlines, energy firms, telecommunication companies and Aerospace firms in Pakistan, UAE, South Korea, England, Germany and France.
The Silicon Valley security firm declined to reveal the identities of the breached companies, but sources privy to the matter reveals that Pakistan International Airport, Korean Air and Qatar Airlines have been hit hard by the breach. US power generation companies Calpine Corp and other state owns petroleum companies such Saudi Aramco and Petroleos Mexicanos (Pemex) were also not spared either.
The hackers also infiltrated the computer networks of private contractors such suppliers and other firms providing services such are airline maintenance, loading cargo and fueling. Apparently, the group's primary focus was gathering intelligence, stealing information such workers Passwords, Usernames and Passports which could be used to impersonate airport workers and grant hackers a higher security clearance at airports.
The report pictures Iran as country whose cyber capabilities are growing at an alarming rate, ready to assert its position as a leading cyber-powerhouse in the world. “If the operation is left to continue unabated, it is only a matter of time before they impact the world's physical safety,” the report said.
Predictably, the Iranian government have rubbished Cylance report terming it as “baseless and unfounded allegation fabricated to tarnish the Iranian government image, particularly aimed at hampering current nuclear talks,” said Hamid Babaei, spokesman for Iran's mission to the United Nations.
For a long time, US has been blaming Russia and China for targeting its key infrastructure but it's now clear there is a new kid on the block, who is more determined to crumble America's private computer networks. The Tehran based group allegedly on a revenge mission on US, was also linked to an attack on US Navy unclassified computer network in 2013.
“Russians are the most sophisticated and most capable outside the US The Chinese bring to bear staggering numbers of people and computers. Iran is probably between those two,” said retired Admiral William Fallon, head of the US Central Command until 2008. “They are pretty good and they are motivated.”
Iran has been in a long tussle with US and its western allies over Iran's intent to reinvigorate is nuclear programs. In 2010 Iranian nuclear plants were hit by lethal Stuxnet malware allegedly from a joint operation by US and Israel. US and its western Allies are opposed to Iran's nuclear programs, citing the need to DE-militarize world and promote global peace. Iran says it intends to use its nuclear plants only for generation of electricity and not for production of nuclear bombs as alleged by Washington.
Cylance researchers managed to hack into the group's computer networks and found massive private data such as passwords and usernames stolen from US private entities organizations including Aerospace companies, transportation, Energy companies and Universities. Cylance also found crucial digital footprints that link the Iranian group with a 2013 hack at US Navy's intranet (NMCI) which took almost a month to clean up. The FBI is currently investigating the matter.
The report by Cylance security affirms previous findings by another US security firm , FireEye , linking Iranian hackers to a string of security breached on US companies. Earlier in May, Isight Partners, also linked Iran to cyber-espionage campaigns on US and Israel government officials.
 
Top/Featured Image: By Frank Bennett / Wikipedia (http://commons.wikimedia.org/wiki/File:Flag_of_Iran_in_map.svg)


 =============================
 

凡繪製網絡紅線美國和中國之間

 哪裡可以繪製網絡紅線美國與中國之間
 回顧網絡威脅在2014年 ,一個圖片的景觀,不斷與網絡行動者的複雜性和複雜 ​​性不斷增長的變化。 網絡攻擊的數量已經顯著尤其是針對美國公司和聯邦機構增加。 什麼可能永遠不會改變的是網絡侵略者與中國,俄羅斯,美國,伊朗和朝鮮摘心在這方面最活躍的網絡參與者的名單列表。
值得注意的是,美國和中國在這過去的一年鎖定喇叭個別,因為這兩個國家的貿易對對方網絡間諜活動的指控。 有時候,很難說誰是受害者還是這兩個網絡巨頭之間的侵略者。 也許中國是過於激進或美國人開始了網絡戰是大於他們,戳他們的鼻子在其他人的網絡空間。
這樣一來,北京和華盛頓之間的關係已經從差到最差的增長在過去的12個月。 聯邦調查局局長詹姆斯·科米的紀錄說,中國已經越過了紅線,這引出了一個問題,有沒有設置對網絡空間的紅線? 什麼是穿越這些假定紅線的後果是什麼?
好了,不像在物理世界裡,跨越地域線是徹頭徹尾的戰爭行為,這是很難說何時何地,這些紅色的線是交叉的網絡空間。 例如,許多人認為最新的破解索尼公司作為對美國的直接行動,但奧巴馬總統排除了對朝鮮的任何軍事行動。 國家安全局局長海軍上將邁克爾·羅傑斯在過去稱來自中國的網絡攻擊可能推翻美國的電網 ,航空系統和衛星,但我們還沒有看到來自白宮的任何決定性的行動。
專家和學者認為,美國和中國不會允許任何網絡的侵略升級到一個物理戰爭的程度。 事實上,由太平洋分隔這兩個網絡巨頭有很多共同的經濟利益,將取代任何挑釁的戰爭。 “這些國家將每個人都有自己的防禦,[但]我們知道那裡的底線所在 - 我們知道的事情,我們永遠不會嘗試或不會做,”郭廣昌,中國投資巨頭復星國際董事長說。
由於身體的戰爭是不是一種選擇,也許是時候讓這些國家坐下來化解他們之間的分歧,由專家在北京和華盛頓均呼應情緒。 “我們需要討論這些問題越來越多。 中國[人]不是怪物。 他們是不是要發動新的世界大戰,“廣昌說。
“美國,中國的關係是一個非常寬泛 - 它是很深,它的複雜,並有打算是,我們不太可能看到或容易很快眼對眼的問題,但是,這並不意味著我們想不通的方式來談論他們,“一位美國官員誰不願透露姓名下尋求可言。
更重要的是,美國和中國之間的任何網絡討論將是不涉及新興的網絡大國如伊朗和朝鮮誰擁有對這一衝突顯著影響沒用。 專家認為,朝鮮黑客正在通過增加路由中國網絡攻擊作為偽裝。 一個由惠普近日發布的報告證實,朝鮮國家的網絡攻擊單位開展“業務來自中國”,這只會惡化美國和中國之間已經冷若冰霜的關係。
索尼公司近期黑客就足以證明朝鮮的網絡戰能力。 聯邦調查局承諾“識別,追求,給個人或民族國家的成本和後果”,同時參與總統奧巴馬含糊說,白宮會“按比例作出回應”,一些從未有許多美國人坐好了,誰希望立即和迅速的反應從奧巴馬政府。 所有說,做,發病強調繪製網絡空間的紅線時,涉及到朝鮮的重要性。
伊朗是引起失眠的夜晚美國人塊新的孩子,有很多叫她的“新中國”,比俄羅斯更積極。 一個由Cylance安全公司的報告表明,伊朗國家支持的黑客有針對性的超過50頂尖的公司和機構在美國,阿聯酋,韓國,英國,德國和法國在過去的兩年。
值得注意的是,伊朗的黑客都在那裡血液作為對伊朗核計劃美國持續的破壞後果 其結果是伊朗黑客現在造成一位傑出的威脅,美國的關鍵基礎設施,包括能源企業,電網,商業航空公司和天氣系統,授予伊朗座位在討論表的一個因素。
只有時間才能告訴我們是否美,俄中國,伊朗和朝鮮將友好同意結束針對對方,更重要的是,持續的網絡攻擊,同意在哪裡畫的網絡紅線。 值得注意的是,網絡和平會發現,如果這些國家尊重談判的結果,因此,只要我們學會保持其網絡,在好奇心的褲子。
 
頂部/特色圖片:通過IECS /維基百科(http://commons.wikimedia.org/wiki/File:FlagUSA_FlagPRC_crash.svg)

 ====================================================
 PhishLabs

DDoS on the Rise, Spear-Phishing, Alleged Silk Road Operator Arrested and more | TWIC - January 23, 2015

Posted by Lindsey Havens
Jan 23, '15
 TWIC_brandingAK47
 AK-47’s have been around forever. The most popular and widely used assault rifles in the world. Not because they do anything advanced, but because they’re cheap, reliable, and are so easy to use that untrained fighters can wield them effectively. Much like the AK-47, DDoS attacks are not highly sophisticated, expensive, or the most “sexy” of cybercrime but they can be very effective. As 2014 came to a close, it was a record year for distributed-denial-of-service (DDoS) attacks, with increases in volume and sophistication level. Researchers anticipate the upwards trend of attacks will only continue in 2015, with many businesses still underprepared to fight back against an attack.

Year-over-year attack volume

According to Arbor Networks, whose ATLAS system monitors events from 300+ network operators around the world, 11 DDoS events over 100Gbps were tracked from Q1-Q3 in 2013; whereas, in the same period of 2014, the number increased to 133. There was also significant growth in smaller-scale attacks. ATLAS tracked one and a half times the total number of attacks over 20Gbps in 2013 in just the first quarter of 2014. Arbor Networks’ Nick Race forecasts that “attacks will likely continue to get larger and more frequent, and unfortunately many businesses are still unprepared for an attack.”

DDoS for hire

The recent, highly publicized DDoS attacks on popular online gaming platforms Sony PlayStation and Microsoft Xbox, outraged gamers during the holiday season as both were knocked offline for periods of time. As we continue to see the rise of Cybercrime-as-a-Service, it should not shock anyone that DDoS threat actors are eager to jump on the bandwagon. The “Lizard Squad” claimed responsibility for the online gaming DDoS attacks and later announced it was essentially a “commercial” for their new “booter” or “stresser” site — a service designed to help paying customers knock virtually any site or person offline for hours or days at a time. The cost of attacks range anywhere from $6 to $500; unlimited attacks can be launched for $500. All services are to be paid in the difficult-to-trace cryptocurrency, Bitcoin.

What can a DDoS attack cost you?

DDoS attacks are most often used to extort or damage businesses whose websites or online assets are a major source of revenue, are an indicator of brand value, or are critical to operations. According to Neustar’s 2014 DDoS annual report, 40 percent of companies targeted with a DDoS attack estimated losses of more than a million U.S. dollars per day.
DDoS_Data_Neustar_2014
Figure 1. Estimated DDoS attack costs per hour. Source: Neustar 2014 Report.
In addition to direct financial costs of an attack, other, less quantifiable losses include reputation damage, diminished brand value, public perception and compromised customer trust. Additionally, customer service is flooded with inquiries and IT resources are strained during an attack. This unfortunate Internet company went out of business in 2014 after a DDoS extortion attack.

Types of DDoS attacks

The basic “flood” method is the most common form of DDoS attacks; it is designed to use up all bandwidth, input/output (I/O), resources, rendering the website unavailable. Flooding involves sending a large number of packets to the targeted system using a variety of Internet protocols. These include, User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), and Transmission Control Protocol (TCP). A large number of distributed bots or compromised "zombie" computers are often used to flood targets. A tactic called amplification is also used, where the attacker sends a small bit of information to a system resulting in a response with much more data being sent to the target.
SYN floods are an example of these types of DDoS attacks. These abuse the TCP method initiating connections, and they still represent a common and relatively effective attack method because popular services that use TCP, such as web servers, must be exposed to public networks from which DDoS attacks might be launched. In an effort to evade layering controls against DDoS attacks, some modern network-layer attacks fragment or craft packets designed to crash network devices.
Modern tactics will also use protocols associated with Domain Name System (DNS) that translates a domain name to an IP address instead of the webserver, rendering the target unavailable without actually impacting the operation of the website. To an attacker, whether the webserver itself is offline or no one can find it because DNS has failed, the same objective of making it unavailable has been accomplished.
Other types of attacks include resource exhaustion where attackers entice the targeted system to perform operations that consume large amounts of processing power, memory, and storage as well as attacks designed to go slow in order to tie up the targeted system's attention such as requesting a file download and reading it very slowly.
Many types of attacks, including some common amplification attacks, use network services that allow the source IP address of the attack traffic to be spoofed. Some attackers use a large botnet with a vast number of zombie computers to launch attacks. In both cases, basic blocking is often ineffective and building a list of attack sources' IP addresses for such purposes isn't feasible given the number of sources and the typical durations of DDoS attacks.
DDoS and other network attacks are often generally categorized as either:
  • Low-layer, attacking the network itself
  • High-layer, attacking the services and applications that run on top of the network
This is because the types of security controls and plans of actions designed to mitigate DDoS attacks vary between these two general types of attacks.

Mitigating a DDoS attack

Unfortunately, there is no “silver bullet” to completely protect against DDoS attacks. However, best practices, modern controls, modern network service architectures, and well-planned incident response plans can effectively mitigate large-scale DDoS attacks.
As with cyber security in general, multiple defensive layers offer the best assurance for minimizing the impact of a DDoS attack. Any security layer has limitations to allow for legitimate activity.
DDoS_layered_Mitigation_Approach
Figure 2. Illustration of the common components of a layered DDoS mitigation approach.
Common protection practices include:
  • Robust distributed network infrastructure.
  • DDoS mitigation subscription services.
  • Investment in specialized anti-DDoS network security appliances.
As DDoS defense tactics evolve, cybercriminals will continue to find ways to skirt around defenses. Countermeasures against traditional and new architectures that are more resilient to DDoS attacks are critical when deploying mitigation strategies. Understanding the adversary's tactics, techniques, and procedures (TTP) will help establish a strong security posture and aid in planning an effective response.

Network architecture and controls

Network architecture is the first stop for protection against DDoS attacks; ensure that best practices and deployment controls have been implemented. To mitigate the effects of flood attacks and some amplification attacks, segment the network for proper placement to enable granular control configurations that enforce policies to allow or reject traffic as appropriate. Be sure to test and evaluate network layer controls such as firewall polices and routing configurations when under specific DDoS conditions such as SYN floods, UDP floods, ICMP backscatter and ping floods. Also evaluate the performance of network devices, applications and services while under DDoS payloads. Transactional integrity for databases and graceful degradation of applications should be part of design requirements.

DDoS countermeasures

Implementing DDoS countermeasures depends heavily on how much an organization relies on external providers for internetwork, data center capacity, hosting infrastructure or server co-location. As a result, organizations should discuss DDoS contingencies with service providers including those responsible for peering as well as upstream and downstream transit.

Basic countermeasures include:

  • Device controls – most routers and common switches incorporate basic access control (ACLs) and rate-limiting technologies. Some devices even offer anti-DDoS settings.
  • SYN cookies – network architectures should allow a “virtual” switch to be flipped to enable SYN cookies which are a chosen sequence of numbers in TCP packets that are checked by the server when establishing a connection. This will mitigate small to moderate SYN floods. Because of minor technical drawbacks, SYN cookies are generally enabled after an attack has been initiated.
  • TCP Cookie Transactions (TCPCT) – this mechanism is designed to combat SYN floods while avoiding the drawbacks of SYN cookies. What makes TCPCT less attractive is that it can break standard TCP networking implementations because both endpoints must support TCPCT.
  • TCP connection splicing – sometimes referred to as delayed binding, this can also help mitigate SYN flood attacks. Upstream service providers such as “cleaning centers” or “packet scrubbers” may provide proxy or in-the-cloud services that are effective in protecting against SYN flooding in conjunction with specialized network attack mitigation technologies.
  • At the application layer, replacing the webpages that rely on databases and other resources to generate dynamic, interactive content with static markup that limits the overhead associated with database queries and other types processing, albeit at the cost of temporarily reduced functionality.
  • While blocking based on individual attacks sources is often not the most effective mitigation tactic, temporarily blocking network traffic based on whole network allocations or large scale geolocation criteria such as country of origin (or even hemisphere) can be effective when it doesn't exclude typical users. A balance should struck between the number of legitimate users likely to be denied access versus the number of rogue bots attacking the site that will be rendered useless.

Advanced DDoS countermeasures include:

  • Bandwidth management solutions – methods are based on a variety of advanced protocols and algorithms for bandwidth shaping and reservation, rate limiting, scheduling and congestion avoidance. Some are based on quality-of-services (QoS) standards, and others of these offer proprietary protections such as behavioral anomaly detection, limiting based on transactional rates, and alleviating bottlenecks by intentionally introducing latency, for example. Some webservers have built-in rate limiting and filtering or modules available that implement anti-DDoS tactics.
  • Intrusion prevention systems (IPS) and web application firewalls (WAFs) offer protections from a number of types of attacks besides DDoS, but can be configured to drop or ignore network traffic when loaded with DDoS attack tool signatures. Threat intelligence and the ability to apply that intelligence if the form of a useful ruleset that is maintained and kept up-to-date is key to the effectiveness. These controls are often designed to "fail closed" and stop passing any network traffic in a precise attack to prevent exploitation and system intrusions, but they may be configured to "fail open" under denial-of-service conditions, so that they are not doing the attacker's job of making services unavailable to legitimate users themselves.
  • Technologies used by content delivery networks (CDNs) such as anycasting, a routing technology  which constrains DDoS attacks geographically, diluting the impact on service in a particular part of the world. This is used, for example, with caching web proxies that move copies of content closer to those requesting the webpages, so that only the copies closest to attack sources on the network are the most impacted by an attack. Private CDNs can be difficult to manage and costly to maintain so independent application of this technology is generally limited to large organizations, but there many providers that make these capabilities available to other organizations as a service.
  • Distributed DNS services – dispersion of DNS services that are essential in locating an organization’s key public network services such as websites and email gateways can help mitigate the global availability impact of attacks.
  • Proof-of-work, CAPTCHAs, and other anti-bot technology designed to ensure a webserver is being visited by a real human with an actual web browser rather than by an attacker with some automated attack tool.
With many of these technological controls, configurations that best mitigate DDoS attacks are not optimal for typical loads. Some may come with overhead that is otherwise unnecessary, placing undue load on networking and processing resources during normal use. Others offer reduced functionality, such as the static version of a website lacking the interactive features of a database-driven version. Some services offering CDN technologies, may cost more based on the amount of bandwidth reserved or the number of points-of-presence from which DNS servers respond.


Controls that allow settings to be grouped together in configuration profiles which can be easily switched on or off based on prevailing conditions are often more cost effective. The same is true of services that offer dynamic pricing and can be deployed on-demand and scaled back when attacks relent.
DDoS attacks can cripple an organization resulting in lost revenue, damage to the brand and compromised customer trust. With little hope of reprieve, business owners and stakeholders need to be aware of the consequences of DDoS attacks and build a robust incident response, crisis response, and business continuity plan that encompasses DDoS mitigation.
Read our Intelligent DDoS Protection whitepaper to learn how to detect and respond to DDoS attacks faster and more effectively.


 =============================

Take your DDoS protection to the next level.

This white paper reveals how DDoS Intelligence shortens the time it takes to detect and mitigate major DDoS attacks. It reviews phases of the DDoS attack process, illuminates key threat intelligence data and walks through the ways organizations use that data to rapidly and effectively mitigate attacks.
Read this white paper to understand:
  • Why investments in mitigation services and tools are not sufficient on their own
  • How to prepare for relevant DDoS threats without wasting resources
  • How to detect and respond to DDoS attacks faster and more effectively
Intelligent-DDoS-Protection-Thumb.jpg

=======================
Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).


 ==================================
Security Gladiators - Care to be Security Gladiator 
 

Chinese cyber elements now hack Microsoft Outlook

 

Chinese cyber elements now hack Microsoft Outlook

Chinese hack Microsoft Outlook
The Chinese cyber installation over the weekend hacked Microsoft's Outlook e-mail network. The man-in-the-middle attack was targeted at gaining a way through which to read users e-mails using their passwords and log-in details. The news was broken by Greatfire, an organization that monitors activities of the Chinese government online.
The Chinese government has yet again been accused of attacking internet users by launching an attack aimed at violating the privacy of users online. The latest attack was on Microsoft's Outlook e-mail system . However, the attack was not one directed at Microsoft but one which sought to take advantage of the fact that users can use Outlook to log into other email addresses. The aim was to infiltrate Outlook and gain access to all emails that a user logs into using Microsoft Outlook.
The specific way in which the attack was carried out was by intercepting the connection between Outlook and the email service. This interruption would result in Outlook generating a warning that the user was proceeding to a risky place. Now, the user had the option to terminate the process of logging in or continue after the warning. As it was, many users chose to continue, thereby allowing the hacking of their emails. Reports online speculate that users might have attributed to bugs in their browsers.
Cyber security analysts looking into the issue said that there were three main aims that the Chinese most probably wanted to achieve with the hack. One of the aims was to test the capabilities of their cyber attack technologies. China has been accused of developing technology aimed at attacking other nations' cyber networks and the internet giants such as Google from the West. The attack therefore provided a way through which the Chinese could tell how far they were from a system capable of posing real danger to a nation with sophisticated defense of its cyber systems.
The second possible aim for such an attack is to discourage Chinese citizens from finding alternative ways to access e-mail from foreign email carriers like Google and Yahoo. China has been in the past known to block access to Gmail and yahoo mail from China in order to encourage its own email companies. The reason why the Chinese would rather have its citizens uses email services from Chinese providers is because it can pressurize the providers to leak emails when it needs to spy on its citizens. This is impossible with companies such as Google and Yahoo because they are not under the direct influence of the Chinese Communist regime.
The third reason why Chinese would launch such an attack is, so as to, find the response rate of the target group. By recording the response rate each time they launch an attack, the Chinese are able to develop a pattern of response and therefore gauge how keen the targeted group is. Greatfire was quoted saying “By keeping track of how many users ignore the certificate warnings, the authorities will be able to determine the effectiveness of this type of attack.”
The Chinese are not expected to stop the hacking. In fact, it is expected that they will only get more frequent and severe.

Top/Featured Image: By Shi Deru (aka Shawn Xiangyang Liu) – Licensed under CC BY-SA 3.0 via Wikipedia

 =================================================
 CoinTelegraph.com
 CoinFire
 CoinFire Site and Twitter Account Hacked
by Armand Tanzarian @ 2015-01-23 08:35 PM


 CoinFire’s executive editor announced just after 2 p.m. EST on Friday that the site’s domain “was stolen” and that the team was trying to get it back.

Shortly thereafter, Coin Fire’s Twitter handle also got hijacked. It’s clear that in the 13 minutes between the second and third tweet below that a different person had taken over writing:

 
 “Well, looks like the XPY supporters got what they wanted,” Mike from Coin Fire wrote at /r/bitcoin. He provided further details:

    “They logged in to our domain registrar account and had our domain taken away from us. We are working to resolve it but we aren't sure we are going to get it back. Just wanted to give everyone a heads up.”

He followed up in a comment below: “We've opened up a ticket with our registrar. So far the only response we have received is that the changes were authorized and verified.”

By 2:55 p.m. EST, the Twitter account had been deleted. Here is a screenshot of the last tweets:

 
 Around noon EST on Friday, I noticed a CoinFire.cf had turned into a parked domain. As of 2:45 p.m. EST, the site looks like this:



The follow-up tweets on CoinFire’s compromised account all referenced the site’s recent reporting that the SEC had begun an investigation into GAW Miners.
“The Securities and Exchange Commission (SEC) has opened an investigation of GAW Miners and its CEO Josh Garza, according to CoinFire, a Bitcoin news site, which on Tuesday cited ‘1,000 pages of a [leaked] investigation file,’" Ars Technica reported Tuesday.

“CoinFire did not publish the documents but described them to include a ‘bombshell draft of a potential enforcement litigation action against the company.’ It cited SEC draft language accusing GAW of being in violation of Section 17(a) of the Securities Act of 1933, an anti-fraud provision.”
This isn’t the first time CoinFire’s site has come under attack. Its editor also reported a “massive DDOS attack” back in September.

Did you enjoy this article? You may also be interested in reading these ones:


 =============================================
 

China beefs up Great Firewall, snips off VPN access

Censorship tools get a boost as users scramble for workarounds

14
Shaun Nichols
China's notorious "Great Firewall" is being blamed for widespread reports of virtual private network (VPN) outages in the country.
China's Global Times – an English-language subsidiary of the state-run People's Dailyreports that customers of several prominent VPN services based outside the Middle Kingdom have complained that they have been unable to access the services from the mainland.
"We are currently working diligently to find a resolution with certain servers not working in China," VPN firm StrongVPN said in a statement. "We would like to remind our users, during this period there may be exceptionally high wait times in our Live Chat system."
According to the Global Times, the outages are the result of "upgrade work" being done with the country's massive internet censorship platform. With the new measures in place, access to many VPN services from within China has now been blocked.
The state news agency goes on to quote Chinese security experts as stating that the blocks were important for maintaining "cyberspace sovereignty".
"For instance, a shortcut has to be blocked since it could be used for some ulterior purposes although it might affect others who use it in a right way," Qin An of the China Institute for Innovation and Development Strategy, a government policy think tank, told Global Times.
Overseas VPNs are one way to work around the Great Firewall's strict bans on content. Many Chinese use the services to connect with popular – but locally censored – sites such as Facebook and Twitter. While the government does allow limited VPN use, however, VPN services that wish to operate within China are required to register with the Ministry of Industry and Information Technology for permission.
This isn't the first time China has moved to crack down use of unauthorized VPNs. Back in 2012, a similar measure was taken by authorities to prevent users from connecting to foreign-run services. That time, VPN companies and their customers were able to adapt to the Great Firewall changes with varying degrees of success. ®

 =============================
 http://www.theregister.co.uk/2015/01/22/windows_10_good_bad_news/

Free Windows 10 could mean DOOM for Microsoft, and the PC biz

Satya Nadella's great price-slash gamble

management regulation7
G+
Reg comments
185
Analysis First the good news: Windows 10 will be free – for one year.
Microsoft announced upgrades to its next-planned client operating system during an outpouring of PR love and vision on Wednesday.
We won't claim the credit for Microsoft's decision to give its next version of Windows as a free upgrade for 12 months to those on Windows 7 and 8.x.
Yet we did say this week that Microsoft couldn't risk re-imposing charges on Windows 8.1 that it had started giving away for free – on small-screen tablets.
Also on Wednesday, Microsoft's vice president of operating systems Terry Myerson said once a Windows device is upgraded to Windows 10, Microsoft will continue to keep it current for the supported lifetime of the device “at no cost”.
It's difficult to tell what Myerson actually means. Updates to Windows were already free under Microsoft's product-support lifecycles. It's not clear what Myerson means when he talked of “the device” as if Microsoft is changing the current two-year Windows delivery cycles for future versions of Windows.
Let's focus on the tangibles – those free upgrades for 12 months.
Why has Microsoft U-turned on its chief operating officer's pledge of “no more free Windows”? Why has a company that makes a third of its money on selling licenses to PCs and tablets running Windows drastically extended its recent policy of Windows 8 for free – but only on devices with a screen of nine inches or less?
Because it had to.
Windows 10 is Microsoft's make-or-break operating system and Microsoft needs to do everything it can to kick-start adoption and move PC customers on. If Windows 10 goes wrong and people don't upgrade, that'll be two Windows busts in succession. That would be terrible for business and for Microsoft.
Consumers and businesses both flatly rejected Windows 8.x, with the latter picking Windows 7 as their post Windows XP PC platform of choice.
Windows 7 is now six years old with its end-of-support date penciled in for 2020. If Windows 10 also doesn't hit, and assuming Microsoft takes another two years to release the next version of Windows – its typical roadmap – then it'll be 2017 before the world's largest software company gets another crack at trying to persuade potential customers it's in their interests to upgrade.
And that's a real problem. No upgrades mean no new Windows license revenue and Windows licenses account for $18bn of annual revenue for Microsoft. Moreover, no upgrades from Windows 7 kills a key component of Microsoft's cloud and device strategy: the app store.
Windows 7 doesn't work with Microsoft app-store apps. With hardly any use of Windows 8.x, Microsoft's app store's addressable market is vastly reduced. Adhering to Windows 7 means Microsoft slips even further behind Google and Apple in terms of feeding downloads to compatible devices. Of course, all this assumes Windows 10 will be any good and users will want it and see a need to upgrade from Windows 8.1 and Windows 7 in the first place.

Now the bad news

Windows 10 is going to be free – for a while. That's really bad news for PC makers and channel partners, and will prolong the industry's recovery from its nose spin.
New versions of Windows and sales of new PCs go hand in hand, as the new operating system is either too fat or uses features missing in existing hardware. The best recent example was the sour reception to Windows 8 in Christmas 2012, which was blamed for the worst sales figures since records began in the 1990s.
Microsoft hasn't said what PC hardware you'll need to run Windows 10 but with its free upgrade, Microsoft obviously reckons PCs running Windows 7 and Windows 8.x have already got what they need to make Windows 10 work.
PC hardware refresh has been a major hurdle in recent tech history: a reason companies have been slow to dump Windows XP has been finance directors unwillingness to pay for the new PCs that can run Windows 7. Putting Windows 10 on the same PCs as Windows 7 helps Microsoft navigate that hurdle; getting Windows 10 becomes a simple matter of download and corporate IT strategy.
Microsoft is gambling: it is trading short-term PC sales and putting PC partners on hold in the interests of long-term adoption of Windows 10.
As we've written here before, offering free products in today's climate of low-price but fully functioning devices is the way to grow market share.
Microsoft needs market share for two reasons: to make decent money from Windows 10 licenses at some point in the future and get more Windows 10 devices in the field that let people swallow subscription cloud services, like Office 365.
It's a risky play that won't just put a hole in Microsoft's short-term earnings but will put PC partners further out in the cold and delay the PC industry's recovery. Microsoft is gambling on the fact that most businesses now on Windows 7 will want Windows 10 in the next 12 months.
Yet most IT upgrade cycles take about three years, and most have just about completed a round of upgrades to take on Windows 7 and move off of Windows XP.
No wonder Microsoft tried to distract the headline writers with talk of holograms instead. ®


 =====================================
 http://www.wired.com/2015/01/microsoft-acquires-open-source-data-science-company-revolution-analytics/

Microsoft Continues Its March Toward Open Source With Latest Acquisition

 http://www.wired.com/wp-content/uploads/2015/01/microsoft-10-cortana.jpg
Microsoft has agreed to acquire open-source software company Revolution Analytics, heavily embracing the R programming language, a data analysis tool widely used by both academics and corporate data scientists.
The software giant announced the deal on Friday, but did not disclose the terms.
Revolution Analytics is best known for offering developer tools for use with the R language, and though Microsoft already works with R, this represents a new bet on the language, reflecting the company’s wider interest in data science.
Just as IBM’s Netezza appliance, SAP’s HANA database, Oracle’s Big Data appliance are designed for use with R, so too is Microsoft’s Azure ML cloud service, a service for building machine learning applications. And Microsoft uses R for its own projects. “We have a data science community inside Microsoft that uses R to analyze business data across a variety of things, and even build models for quite a few applications,” says Microsoft vice president for machine learning Joseph Sirosh.
In this sense, the company is not unusual. Inside the corporate world, R has become a de facto means of analyzing data, and it’s often used in the data science competitions run by startup Kaggle, competitions that have become a popular way for companies to tap independent data scientists for help with particularly thorny problems.
Revolution was founded in 2007 by Yale University computer scientists to create a suite of tools for working with R, and it hired CEO Norman H. Nie, the co-creator of SPSS—one of R’s main competitors—in 2009. In addition to contributing to the continued development of the R programming language, the company develops both a free, open source community version of its Revolution R suite of developer tools, as well as paid commercial versions of the software.
Most importantly, Revolution Analytics has created tools that help extend the abilities of the open source version of the R language, Sirosh says. “There are seriously limitations to how it can be used with big data, because all of the data has to be loaded in memory.”
By bringing Revolution into the fold, Sirosh says, Microsoft will gain access to all of that technology and be able to make it available to all of its own customers on all of its development platforms. He emphasizes that Microsoft will continue to support Revolution’s existing products and customers.
The move deepens Microsoft’s investments in open source as well. Last fall Microsoft open sourced its .NET development platform, and the company has helped support a range of open source development, big data and analytics tools in recent years, including Node.js, Hadoop, and MongoDB. Traditionally, the company did not play so nicely with open source. But times have changed, with open source coming to dominate the software world.



================================= 
 http://www.wired.com/2015/01/microsoft-hands-on/

Microsoft’s Holographic Goggles


It’s the end of October, when the days have already grown short in Redmond, Washington, and gray sheets of rain are just beginning to let up. In several months, Microsoft will unveil its most ambitious undertaking in years, a head-mounted holographic computer called Project HoloLens. But at this point, even most people at Microsoft have never heard of it. I walk through the large atrium of Microsoft’s Studio C to meet its chief inventor, Alex Kipman.
Alex Kipman.
Alex Kipman. Andrew Hetherington
The headset is still a prototype being developed under the codename Project Baraboo, or sometimes just “B.” Kipman, with shoulder-length hair and severely cropped bangs, is a nervous inventor, shifting from one red Converse All-Star to the other. Nervous, because he’s been working on this pair of holographic goggles for five years. No, even longer. Seven years, if you go back to the idea he first pitched to Microsoft, which became Kinect. When the motion-sensing Xbox accessory was released, just in time for the 2010 holidays, it became the fastest-selling consumer gaming device of all time.
Right from the start, he makes it clear that Baraboo will make Kinect seem minor league. Kipman leads me into a briefing room with a drop-down screen, plush couches, and a corner bar stocked with wine and soda (we abstain). He sits beside me, then stands, paces a bit, then sits down again. His wind-up is long. He gives me an abbreviated history of computing, speaking in complete paragraphs, with bushy, expressive eyebrows and saucer eyes that expand as he talks. The next era of computing, he explains, won’t be about that original digital universe. “It’s about the analog universe,” he says. “And the analog universe has a fundamentally different rule set.”
Translation: you used to compute on a screen, entering commands on a keyboard. Cyberspace was somewhere else. Computers responded to programs that detailed explicit commands. In the very near future, you’ll compute in the physical world, using voice and gesture to summon data and layer it atop physical objects. Computer programs will be able to digest so much data that they’ll be able to handle far more complex and nuanced situations. Cyberspace will be all around you.
What will this look like? Well, holograms.

First Impressions

That’s when I get my first look at Baraboo. Kipman cues a concept video in which a young woman wearing the slate gray headset moves through a series of scenarios, from collaborating with coworkers on a conference call to soaring, Oculus-style, over the Golden Gate Bridge. I watch the video, while Kipman watches me watch the video, while Microsoft’s public relations executives watch Kipman watch me watch the video. And the video is cool, but I’ve seen too much sci-fi for any of it to feel believable yet. I want to get my hands on the actual device. So Kipman pulls a box onto the couch. Gingerly, he lifts out a headset. “First toy of the day to show you,” he says, passing it to me to hold. “This is the actual industrial design.”
Oh Baraboo! It’s bigger and more substantial than Google Glass, but far less boxy than the Oculus Rift. If I were a betting woman, I’d say it probably looks something like the goggles made by Magic Leap, the mysterious Google-backed augmented reality startup that has $592 million in funding. But Magic Leap is not yet ready to unveil its device. Microsoft, on the other hand, plans to get Project HoloLens into the hands of developers by the spring. (For more about Microsoft and CEO Satya Nadella’s plans for Project HoloLens, read WIRED’s February cover story.)
Kipman’s prototype is amazing. It amplifies the special powers that Kinect introduced, using a small fraction of the energy. The depth camera has a field of vision that spans 120 by 120 degrees—far more than the original Kinect—so it can sense what your hands are doing even when they are nearly outstretched. Sensors flood the device with terabytes of data every second, all managed with an onboard CPU, GPU and first-of-its-kind HPU (holographic processing unit). Yet, Kipman points out, the computer doesn’t grow hot on your head, because the warm air is vented out through the sides. On the right side, buttons allow you to adjust the volume and to control the contrast of the hologram.
Microsoft's Lorraine Bardeen demonstrates HoloLens at the Windows 10 event at the company's headquarters in Redmond, Washington on Wednesday, Jan. 21, 2015.
Microsoft’s Lorraine Bardeen demonstrates HoloLens at the Windows 10 event at the company’s headquarters in Redmond, Washington on Wednesday, Jan. 21, 2015. Elaine Thompson/AP

Tricking Your Brain

Project HoloLens’ key achievement—realistic holograms—works by tricking your brain into seeing light as matter. “Ultimately, you know, you perceive the world because of light,” Kipman explains. “If I could magically turn the debugger on, we’d see photons bouncing throughout this world. Eventually they hit the back of your eyes, and through that, you reason about what the world is. You essentially hallucinate the world, or you see what your mind wants you to see.”
To create Project HoloLens’ images, light particles bounce around millions of times in the so-called light engine of the device. Then the photons enter the goggles’ two lenses, where they ricochet between layers of blue, green and red glass before they reach the back of your eye. “When you get the light to be at the exact angle,” Kipman tells me, “that’s where all the magic comes in.”
Thirty minutes later, after we’ve looked at another prototype and some more concept videos and talked about the importance of developers (you always have to talk about the importance of developers when launching a new product these days), I get to sample that magic. Kipman walks me across a courtyard and through the side door of a building that houses a secret basement lab. Each of the rooms has been outfitted as a scenario to test Project HoloLens.

A Quick Trip to Mars

The first is deceptively simple. I enter a makeshift living room, where wires jut from a hole in the wall where there should be a lightswitch. Tools are strewn on the West Elm sideboard just below it. Kipman hands me a HoloLens prototype and tells me to install the switch. After I put on the headset, an electrician pops up on a screen that floats directly in front of me. With a quick hand gesture I’m able to anchor the screen just to the left of the wires. The electrician is able to see exactly what I’m seeing. He draws a holographic circle around the voltage tester on the sideboard and instructs me to use it to check whether the wires are live. Once we establish that they aren’t, he walks me through the process of installing the switch, coaching me by sketching holographic arrows and diagrams on the wall in front of me. Five minutes later, I flip a switch, and the living room light turns on.
Another scenario lands me on a virtual Mars-scape. Kipman developed it in close collaboration with NASA rocket scientist Jeff Norris, who spent much of the first half of 2014 flying back and forth between Seattle and his Southern California home to help develop the scenario. With a quick upward gesture, I toggle from computer screens that monitor the Curiosity rover’s progress across the planet’s surface to the virtual experience of being on the planet. The ground is a parched, dusty sandstone, and so realistic that as I take a step, my legs begin to quiver. They don’t trust what my eyes are showing them. Behind me, the rover towers seven feet tall, its metal arm reaching out from its body like a tentacle. The sun shines brightly over the rover, creating short black shadows on the ground beneath its legs.
jpeg-3-full
Microsoft
Norris joins me virtually, appearing as a three-dimensional human-shaped golden orb in the Mars-scape. (In reality, he’s in the room next door.) A dotted line extends from his eyes toward what he is looking at. “Check that out,” he says, and I squat down to see a rock shard up close. With an upward right-hand gesture, I bring up a series of controls. I choose the middle of three options, which drops a flag there, theoretically a signal to the rover to collect sediment.
After exploring Mars, I don’t want to remove the headset, which has provided a glimpse of a combination of computing tools that make the unimaginable feel real. NASA felt the same way. Norris will roll out Project HoloLens this summer so that agency scientists can use it to collaborate on a mission.

A Long Way Yet

Kipman’s voice eventually brings me back to Redmond. As I remove the goggles, he reminds me that it’s still early days for the project. This isn’t the kind of thing that will be, say, a holiday best seller. It’s a new interface, controlled by voice and gesture, and the controls have to work flawlessly before it will be commercially viable. I get that. I love voice controls, and I talk to Siri all the time. But half the time, she doesn’t give me a good answer and I have to pull up my keyboard to find what I’m looking for more quickly. Project HoloLens won’t have a keyboard. If the voice and gesture controls don’t work perfectly the first time, consumers will write it off. Quickly.
That said, there are no misfires during three other demos. I play a game in which a character jumps around a real room, collecting coins sprinkled atop a sofa and bouncing off springs placed on the floor. I sculpt a virtual toy (a fluorescent green snowman) that I can then produce with a 3-D printer. And I collaborate with a motorcycle designer Skyping in from Spain to paint a three-dimensional fender atop a physical prototype.
As I make my way through each, Kipman seems less nervous than when we began, but no less focused. It has been three hours since we met. In each scenario, he watches a screen that shows him what I am seeing, and he watches me trying to use his device for the first time. His eyebrows draw down in deep concentration as he checks to see if every calculation is perfect—noting the touch of my thumb and forefinger as I make an upward gesture, the words I reach for instinctively to instruct the computer. Seven years in, he is trying to see Project HoloLens as if for the first time. To see it through the eyes of a 30-something female New Yorker. But that is one thing his magical head-mounted holographic computer cannot do. At least not yet.



==============================
 http://blog.strongvpn.com/update-on-connection-issues-from-china/

Update on connection issues from China.


UPDATED 1/23/15:
Notice to StrongVPN users, we are currently working diligently to find a resolution with certain servers not working in China.  We would like to remind our users, during this period there may be exceptionally high wait times in our Live Chat system.
For those users in China, we do recommend coming to our Live Chat during non-peak hours which would be considered 5pm – 12am local time. Further, we have noticed both our New York and Miami server locations are still very accessible from China.
We ask that customers try those server locations before coming to our Live Chat. If you’re not currently a StrongVPN customer and would like to subscribe to protect your online security, personal privacy, and help promote Internet freedom, sign up for Strong today!


 ============================================


 从上周五(五月六日)开始,深圳电信的网络就出现了一系列的怪现象,企业上网用户会发现,访问国外的任何网站都变得非常不稳定,有时可以访问,有时又不能访问。但个人ADSL用户却没有类似问题。
  整个变化是从上周五开始的,现象是在公司上网,会发现国外大部分网站间歇性无法访问,比较突出的问题是实时联机的MSN上不去,但过一段时间又可以连接MSN,情况非常怪异。
  一开始我还以为是我网络问题的个案,上网搜索了一下,原来是个普遍问题,很多用户都出现MSN访问异常的情况,但是,并不是所有用户都无法访问MSN,有些用户又可以访问MSN,这让问题变得非常复杂。
中国电信屏蔽国外网站
晚上回家之后使用家里的电信ADSL上网,却又没有任何问题,访问国外网站又是正常的。
  周一回到公司后,发现上周五的情况还在继续,MSN无法登录使用,间歇性发现几乎所有的国外网站都无法访问。
中国电信屏蔽国外网站
经过我的测试,深圳电信无法访问国外网站的原因是有几个节点路由器存在问题,trace到了一些电信骨干节点就不通了,通过 tracert www.yahoo.com 命令查询,发现到了119.145.47.102 等节点之后就无法访问了,因此怀疑这些路由器屏蔽了国外网站。
中国电信屏蔽国外网站
通过这些天的观察发现,关于电信屏蔽国外网站的情况,似乎只对企业有效,个人ADSL用户无效,我猜测,可能是在电信某个路由器上有个计数器,当某个地 址访问国外网络很多的时候,就对其屏蔽一段时间,因此企业用户比个人用户更容易超标。电信用这种方法人为阻止用户大量访问国外网站。
  这种情况也很特殊,因为我家里的ADSL不存在这种问题,因此我还无法投诉电信的这种网络故障。
  电信这么做的原因,我估计,有可能电信的出口网络在调整,也有可能是在测试某种设备,也可能是想降低电信的国际流量费用,还有一个不靠谱的原因,可能是深圳在办大运会,想要净化网络环境。
  我想,等电信把出口网络调整好,我们伟大的局域网就建的差不多了吧。
  相关新闻报道
  南方医科大学:关于近期出现国外数据库访问困难现象的说明
   近日我们发现访问国外数据库和其他国外网站时,出现连接速度缓慢或者不能连接的现象。经与网络中心沟通获悉,这是因为中国电信对我校租用的IP地址在同 一时间连接国外网站的用户数量做了限制,而我校目前每个电信IP一般是由几栋楼的用户共用,由此导致我校用户访问国外网站时出现上述问题。
浙江大学:关于国际互联网出口故障的紧急通知
  各校网用户:从今日(5月6日)上午开始,网络用户反映通过VPN访问很多国外网站不通,经反复检查,发现问题出在各个运营商的国际互联网出口上,信息中心已经紧急联系相关运营商,要求尽快查明原因,解决故障。请各用户相互告知。
环球时报:Theories abound for overseas web access troubles
Fang Binxing, president of Beijing University of Posts and Telecommunications, attributed the interruptions to Internet service providers' economic concerns.
"Service providers have to pay the bill of the international Internet flow for their users. So there is incentive for the companies to discourage users to visit foreign websites," he said.
北邮方校长称,从五月六日开始的海外网站断网问题的原因是电信运营商自身的经济问题,用户访问国外网站,电信运营商都需要支付费用,因此电信运营商想以此方法来降低运营商的国际流量费用。


  除非注明,月光博客文章均为原创,转载请以链接形式标明本文地址

  本文地址:http://www.williamlong.info/archives/2653.html


 =======================================================


國外VPN服務在中國無法使用

曹思琪來源:環球時報發布時間:2015年1月23日0時23分01秒

長城防火牆已經升級為網絡空間的主權:源


曹思琪
週四網絡安全分析師捍衛中國的互聯網管理的海外VPN(虛擬專用網絡)公司週三宣布後,一些在中國的用戶已經無法使用該服務,因為長城防火牆,中國的互聯網基礎設施的升級。

網絡服務應當遵守國家安全的網絡問政,分析師呼籲。

Astrill權利週三公告,今年以來,在iOS設備上,包括IPSec,L2TP / IPSec和PPTP VPN使用的協議,而無法訪問在中國幾乎實時的。

一位不願透露姓名的服務支持員工週四表示,只有iOS設備受到影響,而其他設備如的MacBook,因為他們使用不同的協議工作正常。

“這是偉大的防火牆升級,因為,不幸的是,我們不能告訴你確切的時間[如何它會持續多久]”之稱的員工,並稱公司有其他的解決方案。

許多iPhone用戶都震驚地發現,他們無法登錄到他們的Facebook和Twitter賬戶,儘管他們已經購買了Astrill的VPN服務。

是否阻止VPN服務,以及如何阻止他們密切相關的國家的網絡管理能力,秦廣,在中國研究院的創新與發展戰略的網絡安全專家告訴環球時報週四。

“當局,因為他們影響到我們的網絡空間主權。例如,一個快捷方式已被阻止,因為它可以用於一些不可告人的目的,雖然它可能會影響到其他人誰在正確的方式使用它顯然不能忽視這些服務,”秦剛說。

一個網絡安全分析師先前指出,在中國運行的VPN業務的公司必須在註冊工業部和信息化 ,和未註冊的VPN服務提供商不受中國法律保護。

免費VPN提供商fqrouter還表示,在其官方Twitter賬戶上的1月8日的fqrouter的服務已經正式關閉。

另外,VPN技術RUNO 1月5日宣布,它的許多IP地址和用戶與L2TP協議的一些地方並沒有因為12月31日在中國訪問。

“偉大的防火牆阻止了VPN在協議的水平。這意味著防火牆不需要確定每個VPN提供商,阻斷其IP地址,而是可以在運輸過程中發現VPN流量,阻止它”的創始人之一海外網站負責監測中國互聯網的通過電子郵件告訴環球時報週四。

近年來,越來越多的中國網絡用戶都在尋求替代品使用的鏡像網站或VPN的衝浪長城防火牆之外的互聯網。

由環球時報採訪週四一些Astrill VPN用戶說,防火牆更新,也導致了VPN服務價格上漲。 一個週四表示,另一個VPN服務,他買了一個多星期前60億元(9.6)提高其價格週三每年240元。
 發表在: 社會

 =========================================
 http://www.theregister.co.uk/2014/12/29/gmail_blocked_in_china/

Gmail的跌倒在打“中國防火長城'後 - 報告

中國的客戶? 更好的選擇其他的webmail

中國的美好未來
G +
註冊評論
13
據報導,大量的谷歌的Gmail網絡地址被擋在中國上週末。
中斷根據GreatFire.org,語音組的中國為基礎的自由發生在星期五。
昨天在Twitter上一個Gmail的用戶抱怨說,國內的供應商無法發送電子郵件到Gmail帳戶,並描述了塊“的方式太苛刻,” 根據谷歌翻譯。
“我認為政府只是試圖進一步消除谷歌公司在中國乃至海外削弱其市場,”GreatFire.org的成員告訴路透社新聞服務。
“試想一下,如果Gmail用戶可能無法打通中國客戶,中國以外的許多人可能會被迫從Gmail中切換出來。”
根據谷歌的透明度報告,交通鼻子潛入週四。
中國外交部發言人華春瑩告訴路透社記者,她不知道的Gmail已被封鎖。
“中國一直有對外國投資者在這裡做合法經營的歡迎和支持的態度​​,”她說。 “我們將一如既往地為外國企業在中國的公開,透明和良好的環境。”
但大多數谷歌的服務已經在中國今年6月以來中斷,當月標誌著天安門起義25週年。
中國是報有近期或正在進行的中斷為谷歌服務五個地區之一。 其餘的是伊朗,伊拉克,巴基斯坦和土耳其。 ®


 ========================================================

免費的Windows 10意味著DOOM微軟和PC BIZ

薩帝亞·納德拉的偉大價格斜線賭博

管理regulation7
嘰嘰喳喳
Facebook的
0
G +
註冊評論
185
分析一好消息:10的Windows將是免費的 -一年。
微軟的公關愛和遠見在週三的流露期間宣布升級其下一個計劃的客戶端操作系統。
我們不會邀功微軟決定放棄的Windows的下一個版本的免費升級為12個月,以那些在Windows 7和8.x中
然而,我們做了這個星期說,微軟是不會冒險在Windows 8.1,它已經開始贈送免費重新設收費 - 在小屏幕平板電腦。
同樣在週三,操作系統微軟的副總裁特里·梅爾森說,一旦Windows設備升級到Windows 10,微軟將繼續保持當前的設備的支持生命週期“不花錢”。
這是很難說什麼邁爾森實際上意味著。 更新到Windows已經在微軟的產品支持生命週期免費的。 目前還不清楚是什麼意思邁爾森時,他談到“設備”,就好像微軟改變目前兩年的Windows交付週期為未來的Windows版本。
讓我們專注於有形資產 - 這些免費升級為12個月。
為什麼微軟U-開啟其首席運營官的承諾的“沒有更多的免費的Windows”? 為什麼一個公司,使得其資金上的銷售許可證PC和運行Windows平板電腦第三次大幅擴展了其最新的Windows 8的政策,自由 - 但只有在與九英寸或更小屏幕的設備?
因為它必須。
的Windows 10是微軟的化妝或斷操作系統和微軟需要盡一切可能來啟動應用和移動PC客戶。 如果Windows 10出現問題,人們不升級,那將是兩個Windows蕭條連續。 這將是可怕的商務和微軟。
消費者和企業雙方斷然拒絕的Windows 8.x中,選擇後者採​​摘Windows 7作為其後期的Windows XP PC平台。
Windows 7的是現在六歲與最終支持它的鉛筆日期為2020年如果Windows 10也沒有命中,並假設微軟另需兩年發布Windows的下一個版本 - 其典型的路線圖 - 那麼它“會成為2017年全球最大的軟件公司獲得另一個打擊試圖說服潛在客戶是在他們的利益升級之前。
而這是一個真正的問題。 不升級等於沒有新的Windows許可證收入和Windows許可證佔180億美元的年收入為微軟的。 此外,沒有從Windows 7升級殺死了微軟的雲和設備戰略的一個關鍵組成部分:應用程序商店。
Windows 7中沒有與微軟的應用程序商店應用程序的工作。 幾乎沒有任何使用的Windows 8.x中,微軟的應用商店的目標市場是大大減少。 堅持到Windows 7表示微軟甚至進一步滑落落後於谷歌和蘋果在餵養下載至兼容的設備方面。 當然,這一切假設的Windows 10會得到什麼好處,用戶將希望它並認為有必要從Windows 8.1和Windows 7在第一時間升級。

現在的壞消息

窗10將是自由 - 一會兒。 這對PC廠商和渠道合作夥伴真正的壞消息,並會延長從它的鼻子旋行業的復甦。
新版本的Windows和銷售的新PC齊頭並進,為新的操作系統是太胖或使用功能,在現有的硬件缺失。 近期最好的例子是酸味的接收到Windows 8在聖誕節2012年,這被指責為最壞的銷售數據有記錄以來的20世紀90年代。
微軟沒有說什麼PC硬件,你需要運行Windows 10,但憑藉其免費升級,微軟顯然估計運行Windows 7和Windows 8.x中已經得到了他們需要使Windows 10的工作電腦。
PC硬件更新已經在最近的歷史上的高科技的一個主要障礙:一個原因公司一直緩慢傾倒的Windows XP一直是財務主管不願意支付可以運行Windows 7的PC機一樣的將Windows 10與Windows 7的新PC幫助微軟瀏覽這一關; 獲得的Windows 10變成下載和企業IT戰略的一個簡單的事情。
微軟賭:這是交易的短期PC銷售,並把PC合作夥伴保持長期採用的Windows 10的利益。
正如我們在這裡寫之前,提供免費產品的低價格,今天的氣候,但功能齊全的設備,是擴大市場份額的方式。
微軟需要的市場份額,原因有二:使體面的錢從Windows 10的許可證在將來的某個時候,獲得了讓人下嚥訂閱的雲服務,如Office 365在場上更多的Windows 10的設備。
這是一個危險的遊戲,不會只是把在微軟的短期盈利,但孔將把PC合作夥伴進一步冷落,延緩了PC行業的復甦。 微軟正在賭博的事實是,現在在Windows 7上,大多數企業都希望在未來12個月的Windows 10。
然而,大多數IT升級週期需要三年左右的時間,而且大多數都只是完成了一輪升級要在Windows 7和移動過的Windows XP。
難怪微軟試圖分散標題作家與談話的全息圖來代替。 ®

 #########################
 
 *Note: This sharing by Anonymous~
 http://melody-free-shaing.blogspot.com/2015/01/posted-by-chivalrous-anonymous-legion-1.html

 ==============================================================

 ---Posted by chivalrous *Anonymous Legion (1) air strikes message ISIS / ISIL's [Military Airstrikes Continue Against #Syria and #Iraq:.! Http://www.centcom.mil/en/news/articles/jan.- 24-military-airstrikes-continue-against-isil-in-syria-and-iraq ...] -. (2) Army camouflage anonymous '' LulzSecMafia Pwns '' brought to light whereabouts on Twitter, be anonymous legion discover, expose its scandalous '' LulzSecMafia Pwns #Sweden '' - (3) Syrian Army electronic hacker Twitter account,, French newspaper Le Monde and Le Monde accused the Syrian government of supporting terrorism in France. - (4) Where the layout of the network between the US and China red => Iranian hackers are there blood on Iran's nuclear program as the United States continued destruction of the consequences. <= (5) .DDoS on the rise: the AK-47 of cybercrime [http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime ...] - (6 ) .. Chinese cyber elements now hack Microsoft Outlook [http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7) .CoinFire site and Twitter account hacked [http: // cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked ...] - (8) .It's Windows "10" because it's 10 years behind #opensource ~ [Http://www.computerworlduk.com/blogs/open-ent] - ---由俠義匿名軍團發佈(1).在ISIS/ISIL的空襲消息![Military Airstrikes Continue Against  #Syria and #Iraq: http://www.centcom.mil/en/news/articles/jan.-24-military-airstrikes-continue-against-isil-in-syria-and-iraq …]-(2).僞裝匿名軍團的''LulzSecMafia Pwns''在推特上敗露行蹤,被匿名軍團及時發現,揭露其醜行''LulzSecMafia Pwns #Sweden''-(3).敘利亞陸軍電子黑客Twitter賬戶法國世界報,,指責說世界報和法國政府的支持恐怖主義的敘利亞。-(4).凡繪製網絡紅線美國和中國之間=>伊朗的黑客都在那裡血液作為對伊朗核計劃美國持續的破壞後果 。 <=(5)在上升.DDoS:在AK-47網絡犯罪[http://blog.phishlabs.com/ddos-on-the-rise-the-ak-47-of-cybercrime...] - (6)..中國網絡元素現在破解的Microsoft Outlook[http://securitygladiators.com/2015/01/20/chinese-hack-microsoft-outlook/] - (7).CoinFire網站和Twitter賬戶黑客攻擊[HTTP:// cointelegraph.com/news/113353/coinfire-site-and-twitter-account-hacked...] - (8)。它的Windows的“10”,因為它的背後#opensource10年〜[HTTP:// WWW。 computerworlduk.com/blogs/open-ent] -  **USA/UK/SEAOUL KOREAN/TW/MACAU(FDZ)/HKS/FR/JP/UKN/DE/FA/POL/VI/ESP`/CO/ARG/PY/MEX/MO/AUST./RU/HO/MAL/NW/CA/IT/PH/Swedis/Mongolian/TUR/Arabic/Latin/INDON./Greek/Dansk/THAI/......All the world lauguage**-
 http://melody-free-shaing.blogspot.com/2015/01/posted-by-chivalrous-anonymous-legion-1.html
 ===Melody.Blog===FOLLOW===>/

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!


沒有留言:

張貼留言

window.___gcfg = {
lang: 'zh-CN',
parsetags: 'onload'
};