Category Archives: Cyber Intelligence

02/3/13

Offensive Cyber Capabilities

Companies Need Offensive Cyber Capabilities

gAtO hEaR - about banks seek U.S Help on Iran Cyberattack’s. We hear about cyber attacks in the financial sector, the oil and energy sectors, then Leon Panetta warned perpetrators to cease hacking the US while we have all kinds of sanctions against Iran -/ this is insanity. Your telling unknown hackers (we suspected Iran) to  just stop, or what. What can we do to prevent them from launching cyber attacks against America.

So Iran has only 3 NAT-access points and 1 submarine cable (Al-Faw, Iraq submarine cable)

 

Then you have all these security people putting up defenses without building a firewall so bad-ass that they cannot do business. If we keep building these defenses it will get to a point where it defeats the purpose of the Internet. So what is the logical next move, offensive cyber weapons and capabilities. We can find these attacks and pinpoint the IP of where they are coming from then all we need is offensive tools to find them and do a seal-team 6 extraction of something like that and get the word out that we will find you and hunt you down.

One little hacker can keep a bank tied up for days in the middle of the desert. They could go after our traffic system, our rail system we know that SCADA is so messed up and in some cases open with defaults passwords. So we beat our chest like some mad gorilla and hope to scare these hackers.

My friends we must take initiative and find ways to counter these attacks no more just defense and I don’t mean a Ddos attack that can be circumvented. We need to plant Bot-nets on these people’s machines and monitor them and if we have to go physical and bring them to justice. Forget about Iran and let’s just talk about Chinese hacker attacks of our intellectual property. They just denied it and go about planning the next attack. We seen Skynet were thousands of computers were given a disk wipe and the blue screen of death. Why don’t we do the same to these hackers going after our infrastructure.

We must change our tactics and be a little more aggressive and become real cyber warriors not just defenders but attacking them and destroying their machines, their servers and routers. How about we just monitor the 1 submarine cable and 3 access points in Iran that should lead us to some of these people. The US monitors our own people then we stand by and allow other hostile countries to go and hack us. This is cyber insanity - gAtO OuT

 

Share on TumblrSubmit to StumbleUponhttp://www.alliancedatacom.com/images/cw-world-map-large.gifDigg ThisSubmit to reddit
01/25/13

Is the TorProject protecting Pedos?

Update: 01-26-2013 – It seems that the TorProject.org is now threatening poor little gAtO because I voiced my opinions and disagree and question their practice of protecting pedophiles. So the TorProject that say’s they support “Freedom of Speech” now is trying to used it POWER to abuse people who disagree with them. This shows to me that I am very closed to the truth. Why would they be offended and why would they threaten a disable veteran that is only trying to help children by questioning it’s practice of supporting pedophiles in TOR.

This ABUSE of power upon the weak is what the TOR-Project claims it is trying to protect. This is the same tactics that corporations, governments that feel entitled think they can silence “Freedom of Speech” – Well Mr. Andrew Lewman of TorProject anytime, anyplace little boy. You are a coward to hide behind the Tor-Project and think you can get away with your abuse, your threats, your intimidation. gAtO is Ready- Fire at will.- hit me with your best shot.

  • I DO NOT FORGIVE
  • I DO NOT FORGET
  • YOU SHOULD OF EXPECTED gAtO

gAtO hAs his ClAw’s oUt psssss- I have been working on a project to fight pedo website in the Tor-onion network – (The Dark Web- the underweb) what ever you want to call it. We all know that Pedophiles as well as other criminals are hiding their websites inside -Tor-hidden service. So I contacted one of the torproject people – we will call him Andrew.

When I told them that I was working on getting rid of Pedo websites in Tor and I asked “why they just don’t delete these URL from the directory”, he told me:cyber_speech

“It’s so toxic, most law enforcement cannot touch it either. You should report these links to

http://missingkids.com/“>http://missingkids.com at a minimum. See

https://www.torproject.org/docs/faq-abuse.html.en#RemoveContent for the longer explanation.”

\—The Missing Kids network cannot do anything about websites in the Tor-network –hidden service.—/

This made me sick from the TorProject site -We refuse to weaken Tor because it would harm efforts to combat child abuse and human trafficking in the physical world, while removing safe spaces for victims online. – SAY WHAT!!! – Here we are we know the URL of PedoBear and hundreds of Pedo site in the Dark Web and they keep the real directory of all sites in the 10 Authority servers – they could just go and delete these known Pedo websites and then they would have to generate another URL and re-advertise and get back the customer base.

“Hay Anonymous we need your help”

You ever wonder why everyone vilifies the dark web (Tor) this is the reason why, get a clue TorProject.

That is a lot of work for these monsters – We in the cyber security field know all this and if we can get together and help we could help these children and protect them from these cowards. No, No the Torproject is so arrogant and delusional that they make these statements on their website and – well that’s all I have to do. - gAtO don’t get it.

I respect the efforts of the TorProject and what they do to help “freedom of Speech in cyberspace” this is my core belief, but to claim to help child abuse by leaving these sick website online. – That is madness – I cannot believe that Roger and Jacob worked as hard as they did to build such a great tools that is saving lives but when it comes to children they turn a blind eye.

I hope they see this post and think of the millions of children that suffer because they choose to do nothing. I hope they sleep well at nights knowing that pedophiles are loving their Tor-hidden service where they can do whatever they want with children and get away with it.

Shame on you TorProject – all I can say is that gAtO will work hard to find and destroy these websites.

 - we have rules and pedophiles have no rules -not on my watch

I know behind the Tor-hidden service is just a basic website with the normal vulnerabilities and from my research some of these use old web apps that are vulnerable. So be warned gAtO  is a gray hat and I’m hunting you. I will find you and exposed you, I will expose your family,  I will shame you, I will send you to jail in what ever country your in, were I hope they treat you like you treated these helpless children.

TorProject I expected more from you, I expected you to have a heart and help these helpless children- gAtO oUT

 

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2013/01/cyber_speech.jpgDigg ThisSubmit to reddit
01/19/13

Government Spying on everyone -Thanks Microsoft

gAtO lEaRnOn 01-01-213 we hear that Microsoft buys Skype and makes changes to allow Police surveillance. Then on 01-07-2013 we hear that a professor at the Warsaw University of Technology, Wojciech Mazurczyk, found a way to insert secret 70 bits of data and add secret information similar to steganography.spy-spy

Lawful Intercept is what it’s called and we just heard punch – counter-punch from the government. I just posted about corporations and governments using offensive cyber weapons to fight crime, but this looks like just plain old spying on citizens like China, Iraq and Syria does. Skype is owned by Microsoft and we know that Word and other products have back doors for them to snoop and governments to use in criminal cases. I guess they do it the proper way and get a real FISA document to monitor us it’s citizens.

mEoW 12-30-2012 our re-elected President Obama signs FISA Warrantless Wiretapping Program. STOP – SAY WHAT. mEoW – Forget about gun control how about the privacy of citizens, are we becoming like China, Iraq and Syria the more I find out about this the crazier it becomes. I hate Skypes but now finding this out NO WAY DUDE-

I did a little digging and I found a document from the Straford hack from the LutzBoat crew and this has been on the play board for a long time. More and more governments that play nice with the America and Microsoft will have to live with the fact that they are spying on us, the people. I voted for Obama but I’m pretty sure any president would want to be able to justify this abuse of power to monitor it’s citizens, what get’s me is we scream and yell when other countries do it but here we are doing to ourselves and nobody is talking about this- Hay press wake up. I have nothing to hide but if you do you have been warned – enjoy your government spying on you behind your back - gAtO oUt

Lab Notes:

IT security continues to be the greatest challenge facing government CIOs worldwide. Most experts agree that governments require stronger partnerships between the public and private sectors for both better protection of government IT systems from intruders and for greater visibility into operators’ network traffic to fight crime. However, government systems and intelligence activities constitute a very sensitive information environment. Governments must proceed with caution when forming technology partnerships for hardening their IT network security. Melissa E. Hathaway, who in February 2009 was named to be the Obama Administration’s top cyber security official, points out how

Lawful Intercept

Challenge

Criminals, predators and hackers now use chats, blogs, webmail and Internet applications such as online gaming and file-sharing sites to hide their communications.

Solution

Qosmos provides law enforcement agencies with a powerful solution to identify a target using multiple virtual IDs and intercept all related IP- based communications. Any trigger, such as a “user login = target” initiates intercept of all IP traffic related to the “target.”

Example of recognized applications and protocols

VoIP Email (POP, SMTP)

Webmail (Gmail, Hotmail, Live Mail, SquirrelMail, Yahoo mail, etc.)

Instant Messaging (Aim, SNM, Skype, Yahoo, Google Talk, QQ, Maktoob, Paltalk, etc.)

Online games (World of Warcraft)

Online classified ads

Audio/Video (H.323, SIP, MGCP, RTP, RTCP, MMSE, RTSP, SHOUTcast, Yahoo Video,

MSN Video, SCCP, etc.)

Web applications (Dailymotion, Google, eBay, Google Earth, HTTP, MySpace, Wikipedia,

YouTube, etc.)

Example of information extracted

Caller, phone number, called party, duration of call

Webmail login, email address, sender, receiver, subject matter, attached documents

Instant messaging sender, receiver, contact lists and status

Forum login, IP address, MAC address, mobile ID (IMSI, IMEI)

Protocols identified even for unidirectional traffic (e.g. email by satellite).

http://www.huffingtonpost.com/2012/12/30/obama-fisa-warrantless-wiretapping_n_2385690.html

http://enterprise-call-recording.tmcnet.com/topics/enterprise-call-recording/articles/321789-sounds-silence-skype-hold-more-than-expected-thanks.htm

http://www.ronpaulforums.com/showthread.php?399961-Microsoft-Buys-Skype-Makes-Changes-to-Allow-Police-Surveillance

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2013/01/spy-spy.jpgDigg ThisSubmit to reddit
01/17/13

PEDO’s gAtO is Hunting YOU!

gAtO hAs - been meeting some very good people that have the ugly dirty job of going after pedophiles and gATO is sicken that this problem is becoming so big. I like most people hear of these sick wackos and my skin crawls but I am guilty of not doing anything to stop this. In my research into the Tor’s Dark Web I found so much ugly Pedo stuff but I always said to myself this is some else job but it’s not.

All cyber security professionals should work together to find and go after these sick bastards that haunt our children nightmare. When I first saw the “Pedo Bear Wiki” in Tor’s I was in shock at how they do business in plain site thinking that they are safe. This is also a big black eye for everyone because this does not just happen in Tor’s Dark Web but in the clear web were we all do work, and talk to friends. Facebook, Twitter is full of them, you may of added them as friends. In the normal Internet these people thrive and then they go into Tor and people start saying Oh well in Tor it’s all about these perverts. They give Tor a bad name because it works so well to mask you.

Be on Notice pedo’s that gATO has found ways to find you in the Tor-onion network. I can find the IP of your hidden-service website, I can also find your clients if your not careful. I am launching some Tor tools that I am developing that may allow me to find your IP and then your -geo location. I am working on some other offensive cyber tools to go after these Pedo Sites in the clear web and especially in Tor. So the hunt begins pedophiles you have been warned this coming year we will find you and destroy you then give the police a chance to lock you up for life. Yeah your safe in Tor, keep thinking that – gATO hunts for RaTz like yOu.

Share on TumblrSubmit to StumbleUponSave on DeliciousDigg ThisSubmit to reddit
01/12/13

MtGox scam attempt

gAtO FoUnD a – Cyber Crooks – a user with the nick ‘torstatusnet’ dropped by today posting false claims that the MtGox is now on the .onion network.

Finally MtGox network Tor! Dear friends MtGox site has finally an anonymous site on Tor network Now it is possible to make anonymous transactions in the world’s largest portfolio of bitcoins. I thought they would never join the Tor network, but announced on her website that the new site is in http://6xjgdqlmvesefnkp.onion/. It seems that the MtGox guarantee confidentiality, and I think that will become the major tool for exchanging bitcoins … Pass by there and check …

So here’s the thing (It’s clearly a scam), took 2 minutes to figure it out.
First of all there’s NO official info from MtGox that they have a onion url.
Second is the error message that shows when you enter any random data into the login.
It routes you to this error:

http://6xjgdqlmvesefnkp.onion.bd.to/login.php

The system has an error. Sorry for the inconvenience, we will try to fix it as soon as possible. Thank you.
If you look closely at the onion url it routes a clearnet domain.

The system has an error. Sorry for the inconvenience, we will try to fix it as soon as possible. Thank you.

<!-- Hosting24 Analytics Code -->
<script type="text/javascript" src="http://stats.hosting24.com/count.php"></script>
<!-- End Of Analytics Code -->

Also the clearnet domain contains the following:

http://6xjgdqlmvesefnkp.onion.bd.to/

Your website is up and running!

Share on TumblrSubmit to StumbleUponhttp://www.000webhost.com/images/index/php.gifDigg ThisSubmit to reddit
12/11/12

Tor Bot-Net – OLD news

gAtO bEeN- writing about Tor and the Bot-nets for a long time. I first saw this on the Tor Hacker boards in Mar of 2012. Some of the boys were asking about IRC Bots in Tor a natural fit. But come on a Zeus Bot-Net is easy as pie to setup in a hidden service. The fun thing is you don’t even need to run Tor on the zombie machine with a simple tor2web and we don’t need any stinking Tor Software to communicate with my C&C. https://otwxbdvje5ttplpv.tor2web.blutmagie.de check out my Tor site  “USCyberLabs.com in Tor” from a Tor2web service like http://torstatus.blutmagie.de

https://https://otwxbdvje5ttplpv.onion USCyberlabs in Tor -onion site

It’s such a big surprise but not really to anyone that plays in Tor like Pierluigi (http://securityaffairs.co/wordpress/  ) and myself but as cyber security people we understand that any technology like Tor will be used by bad actors. The issue I have is why don’t we White Hats use Tor in the same way.

If I have a critical DB for my customers why not send them to Tor to get the information. Why can’t regular business use Tor to do as the bad guys. Shield others from going after my BIG DATA. Store it in Tor and have people get it from Tor -// use Tor2Web // so no excuse that I have to run the Tor software on the client. Come on Business People think TOR and Cyber Security – It’s not that complicated and it’s proven crypto network technology — hide-scada-in-the-tor-network-hiding-in-plain-site

Now if you want to make it even more secure – A Secret Hidden Service in Tor – would make it impossible for anyone but my clients from even having access to my Website – You see with out the Secret Token – You can’t even see my Tor Server….

BitCoin Miners Bot-Nets are real HOT in Tor Land and why not–// I can run my Bitcoin Miner Server on my Tor Box so once again you have no way to find my Server and I can do all my Mining Free and anonymous  in Tor.

BitCoin Miners can even be done when you land on a web Page – YES I can have a Web Page on my site that when you go to it- You are Mining Bitcoins for me – No loading of Software to your computer and as long as you stay on my webPage your Mining for me. I can keep the miner hidden or I can tell you about it. It can be sued  like a Charity- a Bitcoin miner that mines Bitcoins for a cause –/can be setup. But criminals will use anything even Tor to make money.

gAtO will be setting up a WebPage on my site but I will let the users know that they are mining for me while they stay on that page and when they leave they are clean -// no Anti-Virus crap —// So I hope that you keep looking at Tor and solve Real world problems like business BIG DATA in Tor hidden service WebSite –safe and secure — what a concept -Safe and FREE and private legal business in Tor— gAtO OuT

Share on TumblrSubmit to StumbleUponSave on DeliciousDigg ThisSubmit to reddit
11/16/12

White Hat Bot-Nets

gAtO wAs - reading Bloomberg BusinessWeek “ The Hacker of Damascus” Karin a 31-year-old doctor had spent the previous months protesting against the government of Damascus, he refuse to give up his friends names.

Before the arrest-/ before the torture/- they found a simple vulnerability thru Skypes they also got into his hard drive and as Karin said they arrested his computers data first them him. So now we see the black hats, spammer, cyber criminal tricks against people from their own governments. Is this the way it’s going to happen, we see the news today about 2 ladies and their General boy toys and WOW -mEoW.

In Georgia detains ministry for using malware to access opposition leaders computers – This is just another example of governments using criminal cyber tactics to gain intelligence from it’s own people.

 

The Hacker of Damascus – http://www.businessweek.com/articles/2012-11-15/the-hackers-of-damascus  

Georgia detains Dozen Interior Ministry “Cyber Spies” http://www.brecorder.com/world/europe/91030-georgia-detains-dozen-interior-ministry-cyber-spies.html 

The other side of the cyber struggles in Syria is Anonymous and their role in all this: On the other side, the hacktivist group Anonymous has infiltrated at least 12 Syrian government websites, including that of the Ministry of Defense, and released millions of stolen e-mails.  

Cyberspace and it’s tools (weapons) like Facebook, Twitter – can be used by both sides  in this evolving landscape of digital warriors. That is why gATo is sadden by how basic normal Internet tools can become killers and liberators. I guess I see the fog of cyberwar thru gATO eYe’S we have only seen defensive cyber tools so far Suxnet and others are only the beginning and the new economies that had no choice but a digital path into their infrastructure need to look at their own security a wee bit more close. DId Huawei (China’s Telecom Giant accused of having backdoor ) sell you those Network infrastructure pieces at a very cheap price -(lowest bidder (or a no-bid)contract) -well guess who is watching you…

SCADA cyber controls security SUCKs = infrastructure things (energy/transportation/communication/water/air) = fix them NOW

Since no Cyber Bill has gone before congress -President Obama after a major election went and signed  a-

US secret CYber Law singed by Pres. Obama -Nov 15, 2012

Rather, the directive establishes principles and processes for the use of cyber operations so that cyber tools are integrated with the fully array of national security tools we have at our disposal. It provides a whole-of-government approach consistent with the values that we promote domestically and internationally as we have previously articulated in the International Strategy for Cyberspace.

This directive will establish principles and processes that can enable more effective planning, development, and use of our capabilities. It enables us to be flexible, while also exercising restraint in dealing with the threats we face. It continues to be our policy that we shall undertake the least action necessary to mitigate threats and that we will prioritize network defense and law enforcement as the preferred courses of action. The procedures outlined in this directive are consistent with the U.S. Constitution, including the President’s role as commander in chief, and other applicable law and policies. http://killerapps.foreignpolicy.com/posts/2012/11/14/the_white_houses_secret_cyber_order

So now even 31-year-old doctors need to worry what they do and who they talk to and WHAT they talk about -/ also- in Facebook, Skype or any other web-App-  By the way —>These basic vulnerabilities can be found and exploited in any web-app – So this person may of worked at the water plant – or the electric plant what could these White Hat Bots have obtained?? These little White Hat BotNets may go rouge or may be captured this is about virtual digital world with a click of a mouse I GOT YOU!!! -PWN

Will this become the standard? The good and bad guy’s do it NOW- plant a virus suck up your disk / then check it out – BUT “if you got nothing to hide” well it’s OK then — right - gAtO oUt

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2012/11/black_bots_-300x168.jpgDigg ThisSubmit to reddit
11/13/12

CYber Investigation over General Patraeus

CYber Investigation over General Patraeus

gAtO rEaD – NO CRIME committed- that the investigation for the top CIA general was because someone sent an eMail that said” I saw you touching the Generals leg at Dinner -Stop It” Yeah so one lady said to another lady – STOP MESSING WITH MY MAN – Pow – ZAP they get a court order to go thru someones eMail.

So if we take this premise that Judges will sign -COURT ORDERS to search your emails and any other emails that link it because of a jealous lover. It looks to gAtO that they have to much POWER – or the FBI is gonna search everyones emails now – legally. Court Ordered

This should send shock waves thru our industry – everyone is now warned that anyone’s email can be open to LE anytime and just about for any reason. I trusted the system, I trusted the Judges but lack of a crime should of not happened. There was NO CRIME committed the investigation turned out. But it has now taken down the reputation of 2 generals. NO CRIME

Now these are 2 famous generals what chance do mere mortals have that our eMails are going to be court order to investigate why simply because they can now. This shows to me the lack of justice or the erosion of justice that is coming down the cyber pipelines. If this is now a wake up call for security professionals to wake up and smell the coffee. Your email will be next unless we support less government control of our digital rights.

Freedom of Speech in cyberspace is a right not a privilege -gAtO oUt

http://www.cbsnews.com/8301-18563_162-57548694/fbi-role-in-petraeus-investigation-questioned/

mEoW

Share on TumblrSubmit to StumbleUponSave on DeliciousDigg ThisSubmit to reddit
11/6/12

Dutch government to give law enforcement authorities the power to hack into computers. This also means hidden servers on tor

gAtO ThInK - It’s time to fight back and tighten the security!

The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations.

The Dutch government wants to give law enforcement authorities the power to hack into computers, including those located in other countries, for the purpose of discovering and gathering evidence during cybercrime investigations.

In a letter that was sent to the lower house of the Dutch parliament on Monday, the Dutch Minister of Security and Justice Ivo Opstelten outlined the government’s plan to draft a bill in upcoming months that would provide law enforcement authorities with new investigative powers on the Internet.

According to the letter, the new legislation would allow cybercrime investigators to remotely infiltrate computers in order to install monitoring software or to search them for evidence. Investigators would also be allowed to destroy illegal content, like child pornography, found during such searches.

These investigative powers would not only cover computers located in the Netherlands, but also computers located in other countries, if the location of those computers cannot be determined.

However, if the investigators can establish that a computer of interest is located in a foreign country, they will have to ask for assistance from the authorities in that country.

In his proposal, Opstelten used a case in which investigators from the Dutch National Police infiltrated “hidden” Tor websites that hosted child pornography, as an example of a situation in which the geographical location of the computers couldn’t be determined.

The Tor network allows its users to set up so-called “hidden services” that are only accessible from within the network using special addresses. When accessing such a service, a user’s connection is routed through several random Tor nodes, which prevents him from determining the real Internet Protocol (IP) address of the server hosting the service.

The Dutch police investigation referenced by Opstelten in his letter took place in August 2011 and two of the infiltrated Tor websites were hosted on servers located in the U.S.

The new legislation will provide strict safeguards for the proposed investigative powers, Opstelten said. Law enforcement authorities will only be able to exercise such powers when investigating offenses that carry a maximum prison sentence of four years or more and only after obtaining authorization from a judge, he said. Furthermore, all such actions will be automatically logged and the logs will be accessible for later review.

Cybercrime is a serious problem that needs to be tackled, but the proposed measures are not the right ones and they pose a serious risk to cybersecurity, Ot van Daalen, the director of Dutch digital rights organization Bits of Freedom, said Friday.

First of all, allowing police investigators to hack computers in other countries might encourage other governments to introduce similar legislation, but not necessarily with the same limitations, van Daalen said. “This could escalate into a digital arms race.”

The proposed legislation would create an incentive for governments to keep software vulnerabilities secret because they would need to exploit those vulnerabilities to attack systems used by cybercriminals, van Daalen said.

There are already security companies and independent researchers that sell zero-day exploits — exploits for unpatched vulnerabilities — to governments instead of reporting the vulnerabilities to vendors. In addition, some governments have openly admitted to developing military cyberoffensive capabilities.

Van Daalen believes that expanding the potential use of such exploits by law enforcement agencies will help the zero-day exploit market grow, which in turn will result in fewer vulnerabilities being reported and patched.

Governments could also pressure vendors to delay fixing vulnerabilities, van Daalen said. An example of this was when the Dutch government convinced Microsoft to delay the blacklisting of the DigiNotar digital certificates on Windows computers in the Netherlands for a few days in order to allow the government to take measures, despite the fact that the issue represented a security risk for all Windows users in the country, he said.

“There’s no doubt that there’s already a growing (and disquieting) market in the for-fee disclosure and exploitation of vulnerabilities, and this proposal could certainly further legitimize it: the possible advantages in terms of action against criminals (leaving aside ethical objections) have to be balanced against the likely, deleterious effects on the community of Internet users as a whole,” said David Harley, a senior research fellow at antivirus vendor ESET, via email on Friday.

Harley agrees with van Daalen that the proposed legislation could have a global impact. “It’s not possible to guarantee that the effects of these measures will be restricted to criminal elements: if the proposal succeeds in its present form, collateral damage in terms of the application of monitoring and attack technologies could be worldwide,” he said.

“Is it really feasible to take this approach effectively without breaching the sovereignty of other states? Even if agreement could be reached with other states on international legislation, does this proposal take into account the quid pro quo of giving foreign agencies such sweeping rights of access to the systems of its own citizens?,” Harley asked. “It seems to me that there’s a parallel here with the fact that many in the U.S. seem quite happy with alleged cyberespionage and sabotage against Iran yet show surprise and discontent that those claims have been used as justification for similar action by other nations.” - gATO OuT

 

Share on TumblrSubmit to StumbleUponSave on DeliciousDigg ThisSubmit to reddit
11/4/12

FBI and Cyber-Security oxymoron

gAto rEaD -The FBI is planning to have a geek squad to look for the coders of Botnets -WRONG they should go after the Bot’s and c&c already online—

Kevin Mitnick discounted the FBI’s plans to build a “cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code.” – Kevin knows that hackers trade code and pick / slice and dice functions and code in hacker sites.

gAtOmAlO sAy’s

Some sites train n00bs – newbies bot-masters to send them out-/ they get caught and the commercial ones the ones that learned and survived share the knowledge.

“The signal goes everywhere and so do I” -gAtOmAlO -

We can’t stop the knowledge and we can’t stop the coders new ones come and go everyday – new ones quit and new ones start. Code is a function and the same function can be written in so many different ways.

Crunch away FBI scientist while new FUD mask the next wave of Bot-nets with a simple variant of Zeus or SpyEye and you got a new Bank attempt. They are all free in the wild so anyone that wants the code get’s it Free…. check YouTube guy’s “How 2 Zeus”

If you want to go after the Bot-nets you work with the front lines ISP and system admins – If the FBI would only tap into the FREE information that is available from some of the best minds. Just ask us and we will help. I hear Penetta Scream “Cyber 9/11” come on –If we need cyber security people  just go on LinkedIn and pick and ASK US we will help in ways that you have no idea.

Crowd source problems into the web and see who comes up with a solution to a problems- we have so many new ways to use the masses of people in cyberspace and social media to help and protect not just our country but we can help any other country as we learn more about cyber security. We are your biggest problem and your biggest solution to the cyber security problem…

Sorry gATO’s dealing with the FBI and the lack of respect they give people that help them, makes me sick. But keep on- keeping on FBI -and the rest of the White Hats – don’t you see, open your eyes…where here to help -gATO OuT 

FBI cybersecurity shift draws skepticism from experts

Kevin Mitnick, the former hacker turned security consultant, is one who doubts focusing on criminals rather than attacks would slow them

http://www.csoonline.com/article/720331/fbi-cybersecurity-shift-draws-skepticism-from-experts

Share on TumblrSubmit to StumbleUponhttp://uscyberlabs.com/blog/wp-content/uploads/2011/07/security_gato_05.pngDigg ThisSubmit to reddit