QinetiQ , a UK-based defense contractor, has its fingers all over some of the US Defense Department’s most sensitive systems. The company’s subsidiaries provide robots, diagnostic systems, intelligence systems for satellites, drones, and even “cyber-security” to the US Department of Defense. The parent company, which was created as a privatized spinoff of the British Defense Evaluation and Research Agency—what was the UK’s equivalent of the US Defense Advanced Research Projects Agency—is often cited as the inspiration for James Bond’s “Q.” But for at least three years, QinetiQ was apparently unintentionally supplying its expertise to another customer: China. In multiple operations, hackers tied to the People’s Liberation Army have had the run of QinetiQ’s networks, stealing sensitive data from them and even using them to launch attacks on the systems of government agencies and other defense contractors. E mails uncovered by the hack of security firm HBGary revealed that Chinese hackers had the run of the company’s networks starting in 2007. Bloomberg’s Michael Riley and Ben Elgin report that in one effort that lasted for over three years, “Comment Crew”—the group tied to the recent hacking of the New York Times and other news organizations, plus a host of attacks on other defense contractors and technology businesses—managed to gain access to “most if not all of the company’s research.” The company was notified on multiple occasions by government agencies of ongoing breaches, starting with a report from the Naval Criminal Investigative Service in December of 2007 that “a large quantity of sensitive information” was being stolen from two computers at the company’s US subsidiary, QinetiQ North America (QNA). A month later, NASA informed QNA that one of the company’s computers was being used in a cyberattack on its network. Read 1 remaining paragraphs | Comments
Tag: style-details
Why Apple added debt to its $145 billion cash hoard
Anton TwAng Apple is making headlines with rumors of a record-sized bond sale. According to reports, Cupertino is likely taking advantage of historically dirt-cheap interest rates on corporate debt by raising about $17 billion from a series of six types of bond papers. It’s not the largest non-bank bond sale in history, but it does rank near the top. Automaker General Motors raised $17.5 billion in bond financing a decade ago, for example. Then again, GM’s financing arm, then known as GMAC, sort of made a bank out of the car builder. Pharma giants Abbott Laboratories and Roche Holdings also issued $14.7 billion and $16 billion in bond debt fairly recently. Record-level or not, Apple’s sale certainly ranks right up there with the big boys. Read 13 remaining paragraphs | Comments
Read this article:
Why Apple added debt to its $145 billion cash hoard
Opera claims former employee gave stolen trade secrets to Mozilla
Opera has been busy repositioning itself as a middleware player for the mobile Web recently, but that isn’t stopping the company from defending its investment in browser technology. The company has filed a 20 million Kronor ($3.4 million) lawsuit against a former employee and consultant, claiming that he stole company secrets and incorporated them into a mobile browser for Mozilla. According to a report by Norwegian IT site Digi.no , Opera has filed suit against Trond Werner Hansen, a Norwegian musician and designer who worked for Opera from 1999 to 2006 as a user interface designer and developer before leaving to pursue his music career . Hansen also worked for Opera as an outside consultant from 2009 to 2010. Last year, Hansen was involved with the development of the Mozilla prototype “Junior” browser for Apple iOS . Hansen and Alex Limi —former Firefox UI head and now manager of Mozilla’s product design strategy—demonstrated the browser prototype in a video on Air Mozilla last June. Hansen said in the video, “I spent almost seven years trying to simplify Opera and didn’t really succeed. Simplification of something that already exists is really hard. That’s way beyond product design issues—it’s company issues. I feel like we failed in making something really easy.” Limi credited Hansen with the invention of a number of Mozilla UI features, including the browser search—”the source of all our revenue,” Limi said—and the “speed dial” feature that allows users to pick frequently visited pages from a new browser tab. “Pretty much everything he’s invented, they’re now in all browsers,” Limi continued. Read 1 remaining paragraphs | Comments
See more here:
Opera claims former employee gave stolen trade secrets to Mozilla
Man accused of placing GPS device on victim’s car before burglarizing her home
A burglary suspect currently on trial in Johnson County, Kansas allegedly put a GPS tracking device on a victim’s car to determine whether anyone was home. The victim, an unnamed Overland Park woman, told her story to the Kansas City Star on Friday. Overland Park police, Leawood police, and Johnson County prosecutors declined to comment on the GPS allegation to the newspaper. According to the Star , the suspect, Steven Alva Glaze, allegedly burglarized the woman’s home on March 25. The victim owns a jewelry business in the Kansas City suburb. Glaze is now on trial for 14 counts of criminal damage to property, theft, attempted burglary, and burglary for the alleged crimes. The use of GPS tracking devices surreptitiously installed on cars recalls the famous Jones v. United States case, in which the Supreme Court unanimously ruled in 2012 that law enforcement does not have the authority to warrantlessly place a device on a criminal suspect’s vehicle. However, the use of GPS by criminal suspects to track victims still seems to be quite rare. Read 4 remaining paragraphs | Comments
View post:
Man accused of placing GPS device on victim’s car before burglarizing her home
FBI denied permission to spy on hacker through his webcam
Sorry FBI, you can’t randomly hijack someone’s webcam. Stefano Maffei A federal magistrate judge has denied (PDF) a request from the FBI to install sophisticated surveillance software to track someone suspected of attempting to conduct a “sizeable wire transfer from [John Doe’s] local bank [in Texas] to a foreign bank account.” Back in March 2013, the FBI asked the judge to grant a month-long “ Rule 41 search and seizure warrant ” of a suspect’s computer “at premises unknown” as a way to find out more about this possible violations of “federal bank fraud, identity theft and computer security laws.” In an unusually-public order published this week , Judge Stephen Smith slapped down the FBI on the grounds that the warrant request was overbroad and too invasive. In it, he gives a unique insight as to the government’s capabilities for sophisticated digital surveillance on potential targets. According to the judge’s description of the spyware, it sounds very similar to the RAT software that many miscreants use to spy on other Internet users without their knowledge. (Ars editor Nate Anderson detailed the practice last month.) Read 10 remaining paragraphs | Comments
View article:
FBI denied permission to spy on hacker through his webcam
Senate advances “online sales tax” by 74-20 vote
Your tax-free days of online shopping are numbered. If S743 , also known as the Marketplace Fairness Act, becomes law, the millions of Americans who have been able to avoid sales tax online will have to start paying it. Given the broad support shown by today’s US Senate vote, some version of it is likely to come to fruition. The bill will compel companies having annual online sales of more than $1 million to collect sales tax on those purchases. Interstate sales have long been exempted from sales tax, but brick-and-mortar businesses have just as long complained about the edge that online businesses have since they avoid collecting taxes. A key opponent of online taxation, retail giant Amazon, recently switched sides after losing some key legal and political battles over taxation. Amazon already collects taxes on sales in nine states , including California, New York, and Texas. Technically this wouldn’t be a new tax, since California residents who make purchases from an online company are responsible for paying those taxes. But there’s never been an efficient way to collect such taxes so it rarely happens. Read 5 remaining paragraphs | Comments
Original post:
Senate advances “online sales tax” by 74-20 vote
Japanese police ask ISPs to start blocking Tor
Erich Ferdinand Authorities in Japan are so worried about their inability to tackle cybercrime that they are asking the country’s ISPs to block the use of Tor . According to The Mainichi , the National Police Agency (NPA, a bit like the Japanese FBI) is going to urge ISPs to block customers if they are found to have “abused” Tor online. Since Tor anonymizes traffic, that can be read as a presumption of guilt on anyone who anonymizes their Web activity. The Japanese police have had a torrid time of late when it comes to cybercrime. Late last year a hacker by the name of Demon Killer began posting death threats on public message boards after remotely taking control of computers across the country. The police arrested the four people whose IP addresses had been used and reportedly “extracted” a confession, but they were forced into a humiliating apology when the hacker kept posting messages while the suspects were in custody. Read 9 remaining paragraphs | Comments
Visit site:
Japanese police ask ISPs to start blocking Tor
Former Hostgator employee arrested, charged with rooting 2,700 servers
Aurich Lawson A former employee of Hostgator has been arrested and charged with installing a backdoor that gave him almost unfettered control over more than 2,700 servers belonging to the widely used Web hosting provider. Eric Gunnar Gisse, 29, of San Antonio, Texas, was charged with felony breach of computer security by the district attorney’s office of Harris County in Texas, according to court documents. He worked as a medium-level administrator from September 2011 until he was terminated on February 15, 2012, according to prosecutors and a company executive. A day after his dismissal, Hostgator officials discovered a backdoor application that allowed Gisse to log in to servers from remote locations, including a computer located at the Hetzner Data Center in Nuremberg, Germany. He took pains to disguise his malware as a widely used Unix administration tool to prevent his superiors from discovering the backdoor process, prosecutors said. “The process was named ‘pcre’, a common system file, in order to disguise the true purpose of the process which would grant an attacker unauthorized access into Hostgator’s computer network,” a Houston Police Department investigator and the document’s “affiant,” Gordon M. Garrett, wrote in an affidavit. “Complainant told affiant he searched Hostgator’s computer network and found the unauthorized ‘pcre’ process installed on 2723 different Hostgator servers within the computer network.” Read 7 remaining paragraphs | Comments
Link:
Former Hostgator employee arrested, charged with rooting 2,700 servers
Google to acquire Provo, Utah’s fiber, transform it into Google Fiber
Less than 10 days after announcing that Austin will be Google Fiber’s second city (Kansas City, KS and MO, and surrounding small towns qualified as Google’s first), the company announced suddenly that Provo, Utah will become the “third Google Fiber City.” Interestingly, Google isn’t laying its own fiber this time, but rather purchasing an existing network. “In order to bring Fiber to Provo, we’ve signed an agreement to purchase iProvo, an existing fiber-optic network owned by the city,” the company wrote in a blog post . “As a part of the acquisition, we would commit to upgrade the network to gigabit technology and finish network construction so that every home along the existing iProvo network would have the opportunity to connect to Google Fiber. Our agreement with Provo isn’t approved yet—it’s pending a vote by the City Council scheduled for next Tuesday, April 23. We intend to begin the network upgrades as soon as the closing conditions are satisfied and the deal is closed.” Read 2 remaining paragraphs | Comments
Follow this link:
Google to acquire Provo, Utah’s fiber, transform it into Google Fiber
ColdFusion hack used to steal hosting provider’s customer data
A vulnerability in the ColdFusion Web server platform, reported by Adobe less than a week ago, has apparently been in the wild for almost a month and has allowed the hacking of at least one company website, exposing customer data. Yesterday, it was revealed that the virtual server hosting company Linode had been the victim of a multi-day breach that allowed hackers to gain access to customer records. The breach was made possible by a vulnerability in Adobe’s ColdFusion server platform that could, according to Adobe, “be exploited to impersonate an authenticated user.” A patch had been issued for the vulnerability on April 9 and was rated as priority “2” and “important.” Those ratings placed it at a step down from the most critical, indicating that there were no known exploits at the time the patch was issued but that data was at risk. Adobe credited “an anonymous security researcher,” with discovering the vulnerability. But according to IRC conversation including one of the alleged hackers of the site, Linode’s site had been compromised for weeks before its discovery. That revelation leaves open the possibility that other ColdFusion sites have been compromised as hackers sought out targets to use the exploit on. Read 5 remaining paragraphs | Comments
Read the original post:
ColdFusion hack used to steal hosting provider’s customer data