Wednesday, July 13, 2011

Meet the Hackers with a Cause - PCWorld

Hacker groups that attack or steal -- some estimates say there are as many as 6000 such groups online, with about 50,000 "bad actors" around the world drifting in and out of them -- are a threat, but the goals, methods and effectiveness of these groups vary widely.


When they're angry, they hack into business and government systems to steal confidential data in order to expose information about their targets, or they simply disrupt them with denial-of-service attacks. These are the hackers with a cause, the "hacktivists" like the shadowy but well-publicized Anonymous or the short-lived Lulz Security group (which claimed to have just six members and just joined forces with Anonymous).

Over the years, Anonymous is believed to have hit targets that include the Church of Scientology, the Support Online Hip Hop website and the No Cussing Club website, and to have posted pornographic videos disguised as children's videos onto YouTube. It's said to have joined with Iranians protesting the results of the June 2009 Iranian presidential election. It's tied to taking down the Australian prime minister's website in 2009 because of the government's plans there to have ISPs censor porn on the Internet. Anonymous has taken up the cause of piracy activists fighting copyright law by launching denial-of-service attacks against anti-piracy groups and law firms. The group is supporting WikiLeaks, which publishes confidential information, including the U.S. State Department cables allegedly leaked by U.S. Army soldier Bradley Manning, now in a military jail awaiting trial.

Anonymous, perhaps tied to the Sony hacking incidents, has launched distributed DoS attacks against Amazon, PayPal, MasterCard, Visa and others when the card-payment groups refused to process donations to WikiLeaks. Anonymous has sprung into conflicts, such as this year's uprisings in the Mideast, hitting the websites of the Tunisian, Egyptian and Libyan governments. The group recently let the world know its chief focus these days is going to be targeting governments and corporations.

But hacktivists like Anonymous are just one type of hacker group. Others are out for financial gain, well-organized to steal payment-card numbers and personal financial data, or pillage bank accounts. And there are groups that focus on intellectual-property theft or steal valuable information for national interests, or money, or both.

Here's a look at what's known about some of them -- including the ones that, unlike the hacktivists, seldom "Tweet" the world about what they do.

The Zeus gangs

The malware called ZeuS is designed to plunder victims' PCs to steal financial information and execute fraudulent high-dollar Automated Clearinghouse (ACH) transfers in corporate bank accounts, resulting in many millions of dollars in fraud against businesses, church groups and government agencies.

The Federal Bureau of Investigation (FBI) and international law-enforcement partners in the United Kingdom, the Netherlands and the Ukraine managed to disrupt one of the six main ZeuS hacker groups last fall in a sweep that netted about 100 suspects tied to $70 million in U.S. bank heists. But the leader of what's called "JabberZeus" (because the specific variant of ZeuS used Jabber instant message to tell gang members when a victim's online banking credentials were stolen) is still believed to remain at large. And according to Don Jackson, senior security researcher at Dell SecureWorks, which has worked with business and the FBI, there are still five other separate ZeuS hacker groups very active across the world. These ZeuS hacker groups have now been connected to "a billion dollars in losses," says Jackson.

Dogma Millions

This group, largely Russian, runs what's known as a "pay-per-install" operation to get victims to download malware it has designed, and it's believed to have hundreds of "affiliates" that get paid when a malicious file is installed on a victim's machine. The group is known to have developed specialized software packers and protectors to ensure its malware, such as rootkits, remains undetected by antivirus products.

The Chinese Hacker Puzzle

With a growing number of cyberattacks traced back to mainland China, there's a lot of interest in knowing about hacker groups there, with speculation there are many dozens of them. Security firm McAfee earlier this year released a report called "Night Dragon" which claimed hacker groups from China work regular hour shifts to try and break into oil companies to steal data.

Over the years, the more famous China hacker groups have included Janker, founded by Wang Xianbing, and the Green Army Corps, founded by Gong Wei, according to researcher Scott Henderson, who runs the website Dark Visitor. Although there is no shortage of suspicion in the U.S. that Chinese hackers have at times worked for the Chinese government to steal secrets from U.S.-based businesses and the government, there are also times when Chinese authorities have taken steps to shut down hacker groups. For instance, reports said police last year in Hubei province went after hacker group "Black Hawk Safety Net" and its website that was providing Trojan-based malware.

Over the years, others such as the Network Crack Program Hacker Group based out of Zigong have been identified. The group used a rootkit called GinWui in attacks on the U.S. Department of Defense, other U.S. agencies and Japan about five years ago. GinWui is thought to have been developed by the group's leader, Tan Dailin, who has used the handle "Wicked Rose" and later "Withered Rose."

The Network Crack Program Hacker Group is believed to have transmitted a large amount of documents to China from the U.S. But when Dailin launched denial-of-service attacks against other Chinese hacker groups, including Hackbase, 3800hk and HackerXfiles, these hacker groups went to Chinese authorities, which arrested Dailin in 2009. He now faces over seven years in prison.

Hackers in the News: Inj3ct0r Team

Some hacker groups, particularly the hacktivists, are inclined to make their exploits public by announcing them online in some way or dumping contents they've stolen as proof of their prowess. This week a group called "Inj3ct0r Team" claimed they'd compromised a server belonging to the North Atlantic Treaty Organization (NATO).

When contacted by IDG, the group said the files were a "server backup, confidential data."

According to IDG, "inside the files was a notepad document dated July 3 that said: 'NATO lamers! I've been watching you day and night since then! W00t! Your Machines rooted! Servers restored to default! what else! [Expletive deleted] you and your crimes! And soon enough all your stupid ideas will be published on WikiLeaks!'"

One industry source asked about Inj3ct0r Team says it started as one individual who began finding vulnerabilities in websites and publicizing them, who then attracted a following.

Hacker groups have a long history. The predecessors to today's had names like "The Legion of Doom" and "Masters of Deception" and in the 1980s they mainly struck phone networks, where "they did a lot of damage," says Dell SecureWorks researcher Jackson. Today's groups, he adds, are more "self-mobilizing, they drop in and drop out," and the big groups "always have a mastermind or two."


For more information about enterprise networking, go to NetworkWorld. Story copyright 2011 Network World Inc. All rights reserved.


View the original article here

Hack allows non-developers to get Mango now - Zunited

Hackers were able to port Mango to an older Windows Mobile device, but we’re guessing this may be of interest to many more people: if you’re using a Windows Phone device with NoDo, a new hack allows you to get Mango now rather than wait for Fall — without having to be a registered developer.

“A little birdie” gave Windows Phone Hacker the coveted solution to updating your Windows Phone device earlier than anyone else. You must have the Windows Phone Support Tool installed, and you must be running NoDo as mentioned previously, then run the UpdateWP.exe file that will allow you to receive beta updates, fire up the Zune software and Mango should be waiting for you.

Of course, there are other steps you should be aware of, like having to back up your phone; you can find everything, including the file, by visiting Windows Phone Hacker. And as always, proceed with caution, though the comments indicate this has been working for basically everyone that tries it out. Remember: Mango is a beta and isn’t meant for everyday use.

Thanks to Allen on Facebook, I don’t know how we missed this.



Kiplinger Warns Customers Hackers Got Account Information - Bloomberg

Kiplinger Washington Editors Inc., the publisher of Kiplinger’s Personal Finance, warned customers that hackers breached its computer network at least as early as June 25 and stole account data, including credit card numbers.

Doug Harbrecht, the company’s director of new media, said the attackers stole user names, passwords and encrypted credit card numbers from as many as 142,000 subscribers to the magazine or the company’s various newsletters, including the Kiplinger Letter.

Harbrecht said the two-week delay in notifying customers resulted from efforts to understand the extent of the break-in by “an unidentified third party,” as the Kiplinger website described the intruders. He said the company notified the Federal Bureau of Investigation and is working with the agency on a probe of the incident.

“Part of the problem is we still don’t know exactly what the hackers got,” Harbrecht said in a phone interview. An e-mail sent to Kiplinger customers said the hacker may have accessed e-mail addresses as well as other personal information.

“We had to find out as much information as possible before we could respond,” Harbrecht said.

The attack against the personal finance publisher is the latest in a growing cyber crime-wave that has victimized companies including Lockheed Martin Corp., Citigroup Inc., Sony Corp. and the television network PBS.

In some cases, the cyber-thieves have taken financial information that could be used in fraud. In others, like the hack of e-mail marketing company Epsilon Data Management LLC., they gained access to millions of customer e-mail addresses that security experts warned could be used for identity theft.

Harbrecht said Kiplinger believes the risk of identity theft is small because of the limited information accessed by the intruder. The type of data that he said was apparently stolen by the intruder, including e-mail addresses and contact information such as telephone numbers or addresses, is sometimes used in so-called phishing scams to gain more valuable data or for identity theft.

While the credit-card numbers were encrypted, Harbrecht said that encryption in rare cases can be broken. Kiplinger is advising customers to call their banks and replace the card numbers, he said.

“We think the risk level is minimal,” Harbrecht said. “We just want people to know we got hacked.”

To contact the reporter on this story: Michael Riley in Washington at michaelriley@bloomberg.net

To contact the editor responsible for this story: Michael Hytha at mhytha@bloomberg.net



Hackers hit Washington Post, expose 1.2 million accounts - Christian Science Monitor

An unknown group of hackers hit the jobs section of the Washington Post website last week, making away with the personal information of more than 1.2 million users. In a FAQ posted this afternoon, reps for the Post sought to play down the extent of the hack, assuring users that the worst that they will probably weather is a series of spam emails, which should obviously be ignored (the spam emails, not the FAQ).


"[Y]ou should be aware that you may receive some unsolicited e-mail (spam) as a result of this incident," Post exec Beth Diaz wrote in a letter to users. "As a general matter, you should always avoid opening suspicious or unsolicited e-mail, never respond to or click any links in spam, and avoid providing personal or financial information in an e-mail – especially credit card information, bank account information, passwords, and ID numbers."

Still, this isn't particularly great news for the Post, or for other newspapers, which typically require online readers to fork over a small amount of personal information – usually an email address and name, and sometimes more – before registering on the site. Readers like to trust that that personal information will be kept safe, not left exposed to marauding groups of hackers, whoever those marauding groups of hackers may be.

Speaking of which: Is it possible, as Kyle Wagner coyly hints over at Gizmodo, that the Washington Post attack could be the work of Anonymous or any of the other members of the AntiSec campaign? Horizons readers will remember that Anonymous has been very active in recent weeks, hitting the online home of the Arizona Police Department, among other targets.

Answer: Sure, it's possible that Anonymous is behind the attack. It fits the bill for AntiSec, which has typically targeted large governmental and media outposts. But then again, no one has yet claimed credit for the attack, and claiming credit is something that Anonymous likes to do. Stay tuned for more.



Motorola's Latest Phone Comes as No Friend to Hackers - Wired News

Motorola's Droid 3 debuted on Thursday, though phone modification enthusiasts aren't happy with its locked-down software. (Photo courtesy Motorola)

For phone modification junkies, the Android software platform comes with a host of mod-friendly features. It’s too bad, then, that Motorola’s latest Android phone lacks all of them.

Motorola’s Droid 3 features a locked boot loader, which is a program that loads the operating system software on every smartphone when it’s turned on. The company said it planned to change the policy this year.

The news first came from a Motorola support forums representative.

“As we’ve communicated, we plan to enable the unlockable-relockable boot loader in future software releases, starting in late 2011, where channel and operator partners will allow it,” said a Motorola spokesperson in a statement provided to Wired.com. “Droid 3 is not built on a software version that includes this feature.”

Locking down the boot loader is a big pain for those who want to modify their Android phone operating systems. Essentially, it drastically limits the extent of modification and customization you can accomplish on your phone. If you wanted to install a particularly popular piece of modding software like, say, CyanogenMod — a very popular custom Android build that optimizes a phone’s hardware performance and adds a number of nifty flourishes — with a locked boot loader, you’re out of luck.

In today’s smartphone landscape, handset manufacturers face pressure from wireless carriers like Verizon and AT&T to lock down phone boot loaders. This is done especially to prohibit the potential installation of software used to do things that carriers don’t want you doing, like, say, capture licensed streaming content. There’s also software available that lets you tether your phone to your computer — providing it with an internet connection for free — a feature for which wireless companies normally charge users. Bypassing that charge means cutting into a carrier’s bottom line.

Motorola doesn’t want to deal with the tech support nightmare that widespread phone hacks entail. “If you brick your phone messing with it” — which basically means rendering the device useless, like an electronic “brick,” as it were — “we don’t want to have to fix it under warranty,” a Motorola representative wrote in a message board post.

Because of all this, hacker-unfriendly phones aren’t uncommon. Motorola’s Atrix debuted with a locked boot loader, as have many of the company’s phones since the release of the Droid 2. Motorola’s upcoming Photon 4G smartphone will also be locked down.

Android modification junkies aren’t happy about Motorola’s decisions. In March, one Motorola smartphone owner started an online petition, asking others who don’t agree with the company’s locked boot loader decisions to sign and bring up the issue on Moto’s Facebook page. As of this post’s publishing time, the petition has over 10,000 signatures.

Given the hardware specs on the Droid 3, it’s especially disappointing for hackers to see the phone debut as mod-unfriendly. The Droid 3 has a beefy dual-core 1GHz processor under the hood, which, when used in conjunction with modding software, can be overclocked to faster speeds.

The future isn’t entirely grim for phone hackers. Motorola continually promises a change in locked boot loader policy come late 2011, and other companies like Sony Ericsson have even begun to court the modding community, providing a detailed list of instructions on how to unlock the company’s phones.

It seems as if the predominant feeling is “we’ll believe it when we see it.”

“There’s not a single reason to believe that Motorola has truly changed their views,” wrote an angry Motorola message board user in a post. “We’re not saying you have to unlock all our devices now, but a little sign of good faith would be much appreciated.”

Mike is a Wired.com staff writer covering Google and the mobile beat. He's written on a number of different tech topics, from startups to social media.


Arizona DPS hacker damage is spreading - Arizona Republic

by JJ Hensley - Jul. 9, 2011 12:00 AM
The Arizona Republic

The damage from hackers who gained access to Arizona Department of Public Safety employee e-mails seems to have spread exponentially in the two weeks since the breach was discovered.

First, the hackers published the content of seven DPS employees' e-mails, and days later another group shared what its members found in the personal e-mail accounts of 11 DPS employees. Then, last week the group defaced Fraternal Order of Police websites around the state, posting online the user names and passwords for hundreds of officers and promising to release information on more than 1,000 other officers.

Investigators have determined that the hackers gained access to the DPS e-mails through information they gleaned by hacking into the websites of outside labor groups, DPS Director Robert Halliday said.

Regardless of where the security lapse originated, Halliday said, the scare has served as a wake-up call to DPS administrators in charge of computer security at the state's police agency. Halliday spoke this week to The Arizona Republic about the episode.

Question: What have you been able to piece together in the past two weeks about what took place?

Answer: I think they wanted people to know that they hacked into the Department of Public Safety. The reality is they came in through e-mails of personal accounts they got through labor groups. In our organization, we became somewhat complacent about our system and the security of it. We have people with passwords of 12345 and use them for every password in the world.

Q: Have you found that the hackers tried to access criminal-justice information?

A: We have not been made aware of that at this point, but there are people and organizations trying to hack into our site every day. That's not what this is about. . . . The most important thing that they got, I think - above any information bulletins, intelligence bulletins, operations plans - they got the names and addresses of our officers, and that concerned me the most.

Q: Have you gotten any reports of officers being threatened?

A: One time. We had an officer that was called. His wife is the one that answered the phone, there was some very abusive, vulgar language used, to include, "You might see a bomb show up." We immediately sent a team to his location. All of the people who were victims of this intrusion, we immediately contacted them and tried to make sure that everybody was aware of what was going on. To my knowledge, we've only had one person who was actually called and threatened with the possibility of a bomb.

Q: Where are you in terms of the criminal investigation?

A: I'm not at liberty to talk about that. There is an ongoing investigation of this system. We've asked for help from the federal side, we've asked for help from the industry side, we've asked for a lot of help to discern how we can make this thing better. My hope is that the ongoing investigation would, at some point in time, avail itself of the perpetrators and drag them into court and hopefully get some deterrent factor out of this.

Q: What steps are you taking internally to ensure a similar attack doesn't happen again?

A: We were in the process of migrating all of our folks over to a system with stronger passwords, and that was about two-thirds of the way done. When this popped up, there were about 100 people who had not come over. I shut them out at that point. If they want to get back in our system, which we encourage them to do, they've got to come and get their strong password. You've got that First Amendment right that you're always looking at. You can't tell somebody what they can and can't do with their personal e-mail accounts, but I think we can say, "If you're not going to abide by our policies and procedures, then we're not going to allow you to have access to our system and we'll have to get the information to you like we did 30 years ago."

Q: Some of the private-account e-mails contained information that officers thought would never see the light of day, including comments about supervisors and personnel at DPS and in other organizations. If your investigation requires you to look on their personal computers, how are you handling that?

A: That's already occurred. There were some things that were brought up in regards to people in the organization, but I don't really look at that with a jaundiced eye, frankly. People have comments. I'll share things with people that I trust. Those are the kinds of things that pop up. The last thing you want to do is hand your computer over to someone who's going to see you call them a jerk or whatever. To me that's just normal. There's nothing I would want to do about that. The other side of that is we explain to them (that) all we're looking at is the things that came into your computer.

Q: Do you have any sense yet on costs associated with security upgrades?

A: We haven't. You look at the system . . . I wouldn't put that real high on the list. But now I have a different perspective about that. I think everything that falls short of our officer safety and personnel safety becomes a priority.

Q: Why haven't you been able to say more about the security breach?

A: It's real simple: There's a criminal investigation going on. When we have a criminal investigation in any arena, we're pretty closed-mouth about any specifics. The last thing I want to do is put something out that's going to impinge on any investigation or give them information on how to divert off of something that's critical to investigation or prosecution.



Lebanese hacker targets Damascus University - The Daily Star

BEIRUT: A Lebanese hacker has targeted the website of Damascus University and posted information and a message saying more government and Syrian education websites will be hacked.

On Sunday afternoon, the hacker wrote on Twitter under the handle idahc_hacker, “Damascusuniversity.edu.sy OWNED,” with a link to a website where he had posted information from the university’s website.

“A message for the dictator Bashar Assad: we will hack many other gov.sy and edu.sy,” he wrote on http://pastebin.com/mhumVcd7.

The usability of the Damascus University website did not appear to be directly affected by the attack.

The hacker, who says he is an 18-year-old computer science student and describes himself as a “Lebanese gray hat hacker” on his Twitter biography, is one of several hackers who have recently targeted Sony in a high-profile campaign, along with the group Anonymous, and the now-disbanded LulzSec group.

The term “gray hat” is used to indicate a hacker who hacks without malicious intent, instead intending to, for instance, highlight a company’s security problems. In a recent interview with Forbes magazine, Idahc said he acted for “moral reasons” during his hacking, and his attacks were intended as a way to “help Sony” with their security vulnerabilities.

The message to Assad therefore marks a slightly more menacing turn for the young hacker, who has expressed disapproval of the work of LulzSec and Anonymous, who have revealed sensitive information of the companies they hack and, in LulzSec’s case, targeted the FBI.

Azzam Mourad, an assistant professor of computer science at Lebanese American University, said the type of hack Idahc used could not be used to modify websites.

“It’s really just a message,” Mourad said. “It’s a dumping of information.”

However, he added, it was possible that such methods could be used to damage or to reveal sensitive information should Idahc go on to attack government websites. “At later periods, maybe he could attack the information. If he kept trying,” he said.



Tuesday, July 12, 2011

Rupert Murdoch set for UK as Rebekah Brooks blames 'betrayal' by hackers - Herald Scotland

REBEKAH Brooks, News International’s chief executive, last night claimed she had been “betrayed” by the News of the World phone hackers as her boss Rupert Murdoch announced he will fly into the UK today to deal with the growing crisis.

The former editor of the tabloid newspaper revealed her anger in a meeting with staff who will lose their jobs after the last edition is published tomorrow.

Ms Brooks, who is expected to hold crisis meetings with Mr Murdoch today, told workers: “I’m just as sorry as you are that people we trusted let us down, and that’s the case. If being betrayed is a resignation issue then maybe I’ve read it wrong, but I think I’m much more useful leading this company through this.”

She hinted that further revelations were to come in the hacking scandal and they would understand “in a year” why Britain’s biggest-selling Sunday newspaper had to close.

It came as the Crown Office called on Strathclyde Police to examine claims of phone hacking in Scotland, which could involve up to 1000 News of the World victims.

At News International’s London headquarters, Ms Brooks told staff the newspaper was forced out of business because advertisers saw the brand as toxic. She told staff she had “visibility” on revelations to come and “in a year you will understand why this decision was taken”.

However, James Murdoch, the company’s chairman, has stripped Ms Brooks of her role leading its internal investigation, which will now be done by other senior managers.

Last night, News International denied reports a senior executive had shredded “massive quantities” of emails.

Meanwhile, Andy Coulson, 43, the former News of The World editor, was released from police custody after being arrested nine hours earlier over allegations of phone hacking and payments to police officers.

Prime Minister David Cameron’s ex-director of communications left Lewisham police station, in south-east London, on bail amid a media scrum, saying: “There is an awful lot I would like to say but I can’t at this time.”

Clive Goodman, 53, the former News of the World royal editor, who was jailed over the scandal, was also arrested and bailed over alleged police bribery.

A 63-year-old man was last night arrested and is being held on suspicion of corruption.

It was claimed yesterday a News International executive deleted a huge number of emails from an archive believed to contain evidence crucial to the police’s phone hacking inquiry.

The file is believed to stretch back to 1995 and includes details of correspondence between News of the World staff and freelance workers, including private investigators.

A source close to the Metropolitan Police inquiry was reported as saying “massive quantities” of emails were deleted from the archive on two occasions.

Investigators are believed to know who is responsible for the deletions after following an electronic paper trail and the Crown Prosecution Service is understood to be deciding whether to charge the executive with perverting the course of justice.

A News International spokeswoman said: “This assertion is rubbish. We adopted a documented email retention policy in line with our US parent’s records management policy. We are co-operating actively with police and have not destroyed evidence.”

After, Ed Miliband, the Labour leader, again denounced the Prime Minister for an “appalling error of judgment” in appointing Mr Coulson. Mr Cameron refused to apologise but said he took “full responsibility” for the appointment.

Making clear he wanted to give his “friend” a “second chance”, the Prime Minister admitted it had not worked out because of the relentless attention on his spin doctor.

Mr Cameron said he had had background checks done on Mr Coulson but when pressed about warnings allegedly given to him by editors, the Prime Minister said he could not recall them.

Later, a No 10 source denied Mr Cameron was warned directly about Mr Coulson. There had been a telephone conversation in November 2009 between Alan Rusbridger, editor of The Guardian, and Steve Hilton, the PM’s aide, but “nothing specific” was mentioned in relation to the ex-tabloid editor and “nothing was passed on” to the PM.

Mr Cameron told journalists he wanted to “get to the bottom” of the phone hacking scandal and agreed a judge should lead the public inquiry.




NUTS: Hackers Target Government, Apple and Samsung Continue Battle - Forbes (blog)

Jul. 10 2011 - 6:14 am

Hackers continued their wave of attacks, targeting several politicians including President Obama, while Apple attempts to put a stop to Samsung’s sales in the U.S.

News Under the Sun is a weekly column rounding up all the events in the mobile industry. Want the news but don’t want it every day? Subscribe to our weekly Facebook or Twitter page.

Hackers Shift to Political Figures

Hacker group “Script Kiddies” gained access to the Twitter account of Fox News and posted a fake message about the assassination of President Obama. White House officials quickly assured the nation of the president’s safety.

Meanwhile, hacktivist group Anonymous targeted Orlando Mayor Buddy Dyer by posting photos of a Guy Fawkes mask hanging outside his home, as well as a photoshopped image of two headless police officers. The threats accompanied attacks on the city’s police websites.

Anonymous is proclaiming its disapproval of Orlando’s new policy against feeding the homeless without a license.

Besides political targets, AntiSec, a mix of Anonymous and former LulzSec hackers, broke into an Apple server and collected 26 administrative usernames and passwords. The group claims to have gained entry through a security flaw in third-party software.

The recent spate of attacks prompted European officials to form the International Cyber-Security Protection Alliance, or ICSPA, in an effort to protect organizations against future attacks.

On a positive note, Sony re-launched its PlayStation Network and Qriocity music services in Japan after an 11-week blackout. Nearly 100 million accounts were compromised due to the attacks in April.

Apple Versus Samsung: The Saga Continues

Apple filed a complaint with the International Trade Commission, asking for a ban on Samsung products in the U.S., claiming four of Samsung’s devices — the Galaxy S 4G, Infuse 4G, Droid Charge and Galaxy Tab 10.1 tablet — violated its iPhone and iPad patents.

In response, Samsung denied the allegations and said it will continue to sell its products until it is legally prevented from doing so. The ITC filing may offer a faster settlement between the warring companies, since it takes less time to decide than the courts.

Apple’s App Store Breaks Records, Others Break Security

Apple’s App Store platform is expected to surge with apps and e-books at a rate of 39 percent over the next three years, reaching an estimated $13 billion in revenue by 2013.

Since the store debuted in 2008, users have downloaded 15 billion apps. There are now more than 200 million iOS devices worldwide, each with an average of 75 apps.

In total, more than 425,000 apps are currently available in the App Store.

However, Apple’s popularity has made it a target among hackers. The company acknowledged a security flaw in iOS that allows attackers to infect users’ devices with malicious software and gain administrative privileges.

Hackers may gain access to information like passwords, online banking data, e-mail and contact information, as well as a person’s camera or calls.

In the courtroom, a judge rejected Apple’s request to stop Amazon from using the “AppStore” name. Apple claims customers may confuse Amazon’s “AppStore” with Apple’s “App Store.”

Amazon is allowed to use its AppStore term until a trial date in October 2012.

In future products, Apple filed two patents related to augmented reality and transparent touch screens. The AR patent gives Apple a way to populate live photos and video feeds from iPads and iPhones with digital information, allowing users to easily identify unknown objects and places.

The transparent screen patent allows Apple to overlay real-time images with digital data, hinting at improved iPad features in the future.

Cloud Competition Gets Crowded

Swedish-based Spotify is joining the fray in the U.S. The music-streaming service had planned to launch months ago, but licensing negotiations with major record labels delayed its debut.

Meanwhile, Amazon offered unlimited Cloud Drive and Player storage, allowing users to host as much music as they wish for a $20 annual fee.

Consumers unwilling to pay can still host up to 5-gigabytes of music files, as well as upload unlimited files purchased from Amazon. They also receive a free 20-gigabyte storage locker for photos and video.

Verizon Caps Data, Introduces New Phones

Verizon ended its unlimited data plans, ushering in tiered plans starting at $30 a month for 2-gigabytes of data.

Customers already with unlimited contracts can keep their plans for the duration of the contract, but new customers must sign up for capped data plans.

The carrier said about 95 percent of its customers consume less than 2-gigabytes per month, suggesting users will pay the same under the limited plans.

Meanwhile, Verizon plans to sell the Droid Bionic on August 4. The phone packs a 1-gigahertz dual-core chip, 512-megabytes of RAM, a 4.3-inch screen and 8-megapixel camera.

It also unveiled the Motorola Droid 3, which will debut later this summer for $200 with a two-year contract. The device will run Android 2.3 and include a dual-core processor, a 4-inch display and an 8-megapixel camera capable of capturing 1080p video.

Google+ Sees Familiar Face, NFC Goes Social

Google last week launched its Google+ social network, amid positive reviews. And its most followed member so far is none other than Facebook CEO Mark Zuckerberg.

So far, Zuckerberg has amassed over 21,000 followers, beating even Google co-founders Larry Page and Sergey Brin, both with fewer than 15,000 followers.

Google also launched a Google+ app for Android, which includes a mobile payment component. The app is still in beta, but Nexus device owners can now scan near-field communication, or NFC, tags and post information as a status update on their Google+ accounts.

The features blend the world of mobile payments with location check-in sites like Foursquare and Facebook.

The Internet giant is in the courtroom as well. Transcenic filed a complaint against Google, Microsoft and AOL’s MapQuest, claiming Google’s street view-perspective technology, used in Google Maps, violates its patent for collecting and manipulating panoramic imagery.

The Louisiana company is seeking unspecified damages in Federal Delaware District Court.

HTC Sees Profits Rise

HTC posted record sales due to the popularity of its Android phones and a surge in demand from Asia. The company shipped about 11 million units in the April-June period, more than double the total from a year ago.

HTC is pushing ahead by buying chip-designer S3 Graphics for $300 million. The deal gives HTC a portfolio of 235 patents, which it can use to protect itself in the increasingly-heated patent infringement arena, as well as provide it with technology to improve its smartphone lineup.

Nortel Sale Under Investigation

Canadian regulators are investigating the winning $4.5 billion bid for bankrupt telecom Nortel.

Canadian Industry Minister Christian Paradis said the results of the auction, including its 6,000 patents, are subject to the Investment Canada Act, which requires the country to gauge whether any foreign investment or acquisition of more than $312 million benefits or hurts the country.

A group of major companies including Apple, Microsoft, Sony, Ericsson and Research in Motion won the auction for patents relating to 4G, Wi-Fi, search engines and other telecom areas.

Facebook, Skype Team Up for Video Calling

Facebook announced a partnership with Skype to bring video chat to its 750 million users. The move beefs up Facebook’s offerings before a showdown with Google+. To use the service, people need to download a plug-in for their browsers.

ISPs Cracking Down on Piracy

Internet service providers partnered with entertainment companies to curb online piracy. ISPs agreed to a six-strikes warning program to reprimand those suspected of downloading copyrighted music and movies from sites like BitTorrent.

The Copyright Alert System will monitor users of illegal file-sharing services. If users are caught sharing copyrighted files, the alert system will send users’ ISP a notice to dole out punishment. ISPs can then issue up to six warnings before reducing users’ Internet speeds or suspending services until illegal file-sharing stops.

Government Deals with Online Sexual Material, Cell Phones in Cars

Judge Ralph Beistline struck down an Alaska law that aims to hold adults criminally liable for distributing sexually explicit material to minors over the Internet. Beistline sided with the group of plaintiffs that filed a lawsuit last August, saying such a law violates the First Amendment.

The judge agreed, saying the Internet lacks a reliable mechanism for verifying the age of Internet users.

Meanwhile, the Governors Highway Safety Association, or GHSA, concluded cell phone use while driving increases the chance of crashing. The group studied over 350 scientific papers released since 2000, and found a link between texting and higher risks while driving, but it remains inconclusive on how to prevent phone-related car crashes.

But the GHSA did agree with a ban on cell phone use for teenaged drivers, who are at the highest risk for crashes.

Meanwhile, New Jersey ruled tracking one’s spouse by GPS legal and not an invasion of privacy.

The case originated when Kenneth Villanova’s wife suspected he was cheating but couldn’t confirm this as the private investigator she hired was unable to follow the suspected husband. She then placed a GPS unit in the glove compartment of the vehicle they owned together, eventually tracing him to another woman’s driveway.

Nokia Firesale, Store Closure

Nokia announced it will cut prices on its current line of smartphones, including the popular N8, C7 and E6 models, by 15 percent in Europe, as it readies the release of its Windows phones next year. Nokia claims these cuts are normal and part of on-going business.

Meanwhile, the company is shutting down its Vertu luxury mobile phone stores in Japan. The company said it will continue to do business with Japanese craftsmen on products sold in other markets.

Microsoft Targets Samsung

Microsoft is seeking $15 for each Android device Samsung sells because of alleged patent infringement. If Microsoft demands payment, Samsung may be looking at shelling out $45 million to Microsoft for past Galaxy S 2 sales alone.

Samsung aims to negotiate a lower fee of $10 per device, in exchange for a deeper partnership with Microsoft to create smartphones using the Windows Phone platform.

It’s a Sad World for RIM

RIM fell to third place behind Apple and Google. The once-strong company now controls just 24 percent of the market, behind Apple’s 26 and Google’s 38, according to ComScore.

Last week, the company agreed to conduct an independent study to determine the effectiveness of a leadership change, much to the chagrin of investment firm Glass Lewis & Co.

The investor had wanted to conduct a vote over whether to split up RIM’s executive roles at this year’s shareholders meeting. The firm says a change, not a study, is needed to fix the company.

Sprint May Finally Get iPhone

Sprint may add the iPhone to its lineup before Christmas, according to Citadel Securities. If so, the company may attract customers since it is the last U.S. carrier to offer unlimited data plans.

The iPhone is expected to boost Sprint’s fortunes, especially if it struggles to survive in the wake of an AT&T and T-Mobile merger.

Cell Phones May Not Cause Cancer After All

A group of experts from the U.S., U.K. and Sweden found no convincing evidence linking cell phone use to cancer. The group also added there is little evidence to suggest radio signals trigger tumors. But the committee cannot definitively say there is no connection at all between the two.

Meanwhile, a group of researchers is using smartphones to diagnose cataracts.

A team of MIT scientists developed the Catra System, which allows a user to look through an eyepiece that slides onto a smartphone or other mobile devices like tablets. The patient sees lines on the screen and pushes a button when the lines start to cloud. If there are enough lines that look cloudy, Catra diagnoses the cataract and recommends treatment.

Samsung Profits Dip, Sends Nexus S to Space

Samsung profits took a significant hit, even after the success of its Galaxy tablets. The company’s ongoing dispute with Apple casts doubt on the company’s future, especially if Samsung is forced to pay Apple for patent infringement.

Meanwhile, the company’s Nexus S phone joined rival Apple’s iPhone in space aboard the Atlantis space shuttle. The device is set to conduct several experiments with its computing power and camera.

Obama Holds Twitter Town Hall Meeting

President Barack Obama received nearly 170,000 questions and comments at his Twitter town hall meeting. The event was moderated by Twitter co-founder and chairman Jack Dorsey.

More than a quarter of the questions dealt with jobs, while 10 percent were about education. This was the first-ever online, live presidential town hall meeting.

Ebay Strengthens PayPal Service

Ebay purchased mobile payment provider Zong for $240 million. Ebay plans to connect the service’s 3.2 billion users and 250 wireless carriers with PayPal.

Shoppers use Zong to pay for items with their mobile phones by entering their mobile phone numbers. Zong then verifies the transaction and charges the customer’s cell phone bill.

Japan Strikes… Metal

Japanese researchers reportedly found gadolinium, lutetium, terbium and dysprosium in the mud beneath the Pacific Ocean near Hawaii. These are the same metals needed to make iPhones, iPads and other gadgets.

Experts believe the find could total billions of tons of materials, which could be more than 1,000 times the amount found in land sources, located mostly in China.

This post originally appeared at Mobiledia.



AntiSec Hackers Hit FBI Contractor - New York Times (blog)

Hackers who have claimed responsibility for a spate of recent break-ins said on Friday that they had infiltrated the network of IRC Federal, an engineering contractor that works for federal agencies including the Federal Bureau of Investigation, and stole internal documents from its database and e-mail system.

The group, which is a part of the hacktivist collective Anonymous and includes members of the defunct group Lulz Security, also said it had defaced IRC Federal’s Web site. The firm has taken the site down.

A spokesman for IRC Federal said it was investigating the claim. “We reported it to the authorities, and otherwise we have no comment.”

In a statement online that was decorated with a digital drawing of a mushroom cloud, the group complained that IRC Federal had been “selling out their ‘skills’ to the US empire. So we laid nuclear waste to their systems, owning their pathetic windows box, dropping their databases and private emails, and defaced their professional looking website.”

The group, which has been waging a campaign called AntiSec against what it calls corrupt corporations and governments, said it found within IRC Federal’s e-mails documents that included a proposal to develop for the F.B.I. a “Special Identities Modernization (SIM) Project” that it said would protect records associated with “trusted individuals,” while revealing the identities of individuals who might pose a terrorist or criminal risk to the United States.

It claimed it also found fingerprinting contracts for the Justice Department and biometrics development for the military. It also cited “strategy contracts” for the “National Nuclear Security Administration Nuclear Weapons Complex.”

The F.B.I. declined to comment.

The incident follows arrests earlier this week of 15 alleged members of Anonymous in Italy and Switzerland, aged 15 to 28, in raids in which 32 homes were searched by police. Last month, three men in Spain and 32 people in Turkey were arrested in connection with online attacks by Anonymous.

The collective has promised to retaliate, and has claimed break-ins at Italian universities and to have brought down hundreds of Turkish Web sites.



Hackers seize PayPal UK Twitter account

BOSTON (Reuters) - Hackers seized control of a PayPal Twitter feed for more than an hour on Tuesday, then sent out messages criticizing the payment processor in the second attack of its type in two days.

The hijacking of the PayPalUK Twitter feed came a day after hackers took control of a Fox News feed for more than five hours, then sent false tweets saying that U.S. President Barack Obama had been shot dead.

In PayPal's case, the attackers sent out messages promoting paypalsucks.com, a site devoted to what it says is "exposing the nightmare of doing business 'the PayPal way.'"

The Tweets were removed within a few hours of the hijacking. "Sorry, the profile you are trying to view has been suspended," Twitter said on its page for the PayPalUK feed.

A PayPal spokesman said via email that the attack on the Twitter account had not affected the company's operations or its internal computer networks. Officials with Twitter did not respond to emails seeking comment.

"PayPal UK is unaffected by this and has not been breached or affected," the PayPal spokesman said.

PayPal is a subsidiary of Ebay Inc, the e-commerce company.

The paypalsucks.com site said that it had nothing to do with the attack. "We never condone hacking of any kind," the site said in a statement emailed to Reuters.

(Reporting by Jim Finkle and Alistair Barr, editing by Matthew Lewis)



Apple girding gadgets against hackers

Apple on Friday said it was working to patch a vulnerability that hackers could use to break into the company's popular iPad, iPhone and iPod Touch gadgets.

Engineers at the California firm are fixing a weakness pointed out by the German Federal Office for Information Security (BSI).

"Apple takes security very seriously," Apple spokeswoman Trudy Muller said in response to an AFP inquiry.

"We are aware of this reported issue and developing a fix that will be available in an upcoming software update," she said.

BSI warned this week of a flaw that would let hackers infiltrate Apple mobile devices by duping users into opening PDF document files booby-trapped with malicious computer code.

Although no attacks have been observed, hackers are likely to try to exploit the weakness, according to a posting on the agency's website.

Possible "attack scenarios for cyber-criminals" include accessing passwords, email messages, contact lists, or built-in cameras and eavesdropping on phone conversations or getting location information, according to BSI.

The agency recommended that Apple device users guard against hackers by not opening PDF documents from unfamiliar sources.

Apple gadget users should limit Web browsing to reliable websites and avoid clicking on links in emails unless they are certain where they lead, BSI advised.



Hackers expose flaw in Apple iPad, iPhone software

BOSTON (Reuters) - Hackers have disclosed a bug in software from Apple Inc that security experts said could be exploited by criminals looking to gain remote control over iPhones, iPads and iPod Touch devices.

The security flaw in Apple's iOS operating system came to light on Wednesday as the website www.jailbreakme.com released code that Apple customers can use to modify the iOS operating system through a process known as "jail breaking."

Some Apple customers choose to jail break their devices so they can download and run applications that are not approved by Apple or use iPhones on networks of carriers that are not approved by Apple.

Security experts warned that criminal hackers could download that code, reverse engineer it to identify a hole in iOS security and build a piece of malicious software within a few days.

"If you are a malicious attacker, it is fairly doable," said Patrik Runald, a senior researcher with the Internet security firm Websense.

Apple has yet to release an update to iOS that protects customers against malicious software that exploits the flaw.

Apple spokeswoman Trudy Muller said the company was aware of the problem.

"We are developing a fix that will be available to customers in an upcoming software update," Muller said.

Apple has long been vocal against jail breaking, which if done voids the warranty on its devices.

Any security flaw in iOS software -- which runs Apple's iPhone, iPad tablet and iPod Touch -- has the potential to affect millions of devices that are at the core of Apple's business.

Apple has sold 25 million iPads since it launched last year. The company sold over 18 million of its popular iPhones in just the first three months of the year.

Hackers can exploit the iOS vulnerability by creating a malicious PDF document file. It would infect Apple devices when users attempt to open that document, according to Runald.

Once the device is infected, hackers could "do anything they want," Runald said. That includes stealing passwords, documents and emails.

Comex, a 19-year-old hacker from New York State who developed the jail-breaking tool, said that Apple might be able to patch the software before criminal hackers develop software that exploits the bug.

Last time he put out a version of his jailbreaking software, Apple was able to issue a patch before anybody exploited the bug for malicious purposes.

He said that Apple might not be able to move quickly enough this time.

"It's not that hard to reverse engineer," he said via telephone.

(Reporting by Jim Finkle, additional reporting by Poornima Gupta; Editing by Bernard Orr)



Monday, July 11, 2011

Hackers falsely claim Obama dead on Fox Twitter feed

WASHINGTON (Reuters) - Hackers took control of a FoxNews.com Twitter account on Monday and sent six false tweets saying that U.S. President Barack Obama had been shot dead, prompting an investigation by the Secret Service.

"Hackers sent out several malicious and false tweets that President Obama had been assassinated," Foxnews.com said in a statement about the latest in a wave of high-profile cyber security breaches around the world.

"Those reports are incorrect, of course, and the president is spending the July 4 holiday with his family."

The media outlet, owned by Rupert Murdoch's News Corp, said the incident was being checked.

"The hacking is being investigated, and FoxNews.com regrets any distress the false tweets may have created," it said.

Obama is celebrating the July 4 Independence holiday with his family at the White House and was due to host military families to watch Fourth of July fireworks in the evening.

The White House declined to comment. The Secret Service, which is charged with protecting the president, said it was looking into the incident.

"The Secret Service is investigating the matter and will conduct the appropriate follow-up," spokesman George Ogilvie said.

The first hacked tweet appeared around 2 a.m. and said: "@BarackObama has just passed. The President is dead. A sad 4th of July, indeed. President Barack Obama is dead."

The next one, "@BarackObama has just passed. Nearly 45 minutes ago, he was shot twice in the lower pelvic area and in the neck; shooter unknown. Bled out."

The false tweets were removed around noon today, a Fox News spokeswoman said, after Twitter suspended the account.

Fox News Digital Vice President and General Manager Jeff Misenti said FoxNews.com was working with Twitter to address the situation as quickly as possible.

"We will be requesting a detailed investigation from Twitter about how this occurred, and measures to prevent future unauthorized access into FoxNews.com accounts," Misenti said.

In an email statement to Reuters, a spokesman for Twitter said, "while Twitter does monitor accounts for brute-force log-in attempts and similar methods of attack, we're unable to anticipate compromises that take place due to off-site behavior."

The Twitter spokesman also said that Fox News indicated its account had been compromised.

CYBER BREACHES

A group calling itself The ScriptKiddies claimed responsibility for sending the tweets -- including "#ObamaDead, it's a sad 4th of July" -- from the "FoxNewspolitics" news feed before Twitter suspended its access.

In all some six false tweets were issued, saying Obama had been shot at a restaurant in Iowa while campaigning.

Obama was not in Iowa this weekend. He returned on Sunday to the White House from a brief trip to Camp David in neighboring Maryland.

The Foxnews.com account hacking followed a wave of highly publicized cyber security breaches, including attacks on the bank Citigroup, Sony Corp., Apple and the U.S. Senate and Brazilian presidential websites.

The FoxNews.com hacking came two days before Obama's first "Twitter town hall" where he will field tweeted questions about the economy and jobs.

Twitter's co-founder and executive chairman, Jack Dorsey, is due to moderate that Wednesday session at the White House.

Fox.com, another Fox Entertainment Group website, was the target of an attack by hacker group Lulz Security in May.

LulzSec has also made assaults on Sony, the U.S. Central Intelligence Agency (CIA) and other targets. The attacks have mostly resulted in temporary disruptions to websites and the release of user credentials.

(Additional reporting by Ilaina Jonas, Tom Doggett, Jeff Mason and Nadia Damouni; Editing by Sandra Maler and Steve Orlofsky)



Hackers break into Washington Post jobs site

(Reuters) - Hackers broke into the Washington Post Co's jobs website in two incidents last month, affecting more than a million user IDs and emails, the company said on its website.

The company said about 1.27 million users' IDs and email addresses were affected but no passwords or other personal information was accessed.

The company said the jobs accounts of users whose email addresses were accessed remained secure.

This latest breach comes amid a spate of hack attacks against high profile targets including Sony Corp and Citigroup.

Washington Post said it quickly identified the attack and took action to shut it down. It is pursuing the matter with law enforcement and conducting an audit of the security of its jobs site.

(Reporting by Abhishek Takle in Bangalore; Editing by)



Hackers hit Washington Post, expose 1.2 million accounts

An unknown group of hackers hit the jobs section of the Washington Post website last week, making away with the personal information of more than 1.2 million users. In a FAQ posted this afternoon, reps for the Post sought to play down the extent of the hack, assuring users that the worst that they will probably weather is a series of spam emails, which should obviously be ignored (the spam emails, not the FAQ).


"[Y]ou should be aware that you may receive some unsolicited e-mail (spam) as a result of this incident," Post exec Beth Diaz wrote in a letter to users. "As a general matter, you should always avoid opening suspicious or unsolicited e-mail, never respond to or click any links in spam, and avoid providing personal or financial information in an e-mail – especially credit card information, bank account information, passwords, and ID numbers."

Still, this isn't particularly great news for the Post, or for other newspapers, which typically require online readers to fork over a small amount of personal information – usually an email address and name, and sometimes more – before registering on the site. Readers like to trust that that personal information will be kept safe, not left exposed to marauding groups of hackers, whoever those marauding groups of hackers may be.

Speaking of which: Is it possible, as Kyle Wagner coyly hints over at Gizmodo, that the Washington Post attack could be the work of Anonymous or any of the other members of the AntiSec campaign? Horizons readers will remember that Anonymous has been very active in recent weeks, hitting the online home of the Arizona Police Department, among other targets.

Answer: Sure, it's possible that Anonymous is behind the attack. It fits the bill for AntiSec, which has typically targeted large governmental and media outposts. But then again, no one has yet claimed credit for the attack, and claiming credit is something that Anonymous likes to do. Stay tuned for more.



Hackers to Target Apple Devices?

Zacks Equity Research, On Friday July 8, 2011, 4:55 pm EDT

German authorities have identified potential security flaws in Apple Inc.’s (NasdaqGS: AAPL) devices such as iPhone, iPad and iPod that are feared to be vulnerable to cyber attacks. According to reports from the Associated Press, German security agencies cautioned that the security hole may be exploited by hackers to steal confidential data from the devices.

Germany's Federal Office for Information Security is of the opinion that hackers can infect Apple devices by sending malicious emails carrying Portable Document Format (PDF) files. Once unaware users are deceived into opening the PDFs, the hackers gain administrative rights on the devices.

In such a case, hackers can steal or use confidential information such as passwords, online-banking data, calendars and e-mails, intercept telephone conversations and track the location of the user.

Meanwhile, Apple said it is plugging the security hole with an upcoming software upgrade, which will be available for its iPhone, iPad and iPod touch devices.

Incidentally, this German agency had found another flaw in Apple software last year. That time, Apple had successfully fixed the issue with a software patch.

So far, however, attacks on smartphones and other handheld Internet gadgets have been rare. Hackers have been much more focused on PCs. However, we believe that with the growing use of smartphones and other Internet gadgets, as well as the growing ecommerce on these devices, hacking attacks will no doubt increase.

At present, users seem to store every bit of information on their smartphones, ranging from bank account numbers and social security numbers to passwords for accessing other varied and important data.

We therefore believe that smartphone makers should be more careful in securing their devices, as any vulnerability will have a profound impact on users.

Looking Back at High Profile Hacking Incidents

Cyber security has emerged as the most discussed topic in the technology market over the last few months. As corporations, government agencies, banks and video game companies have been plagued by cyber attacks, online security has become a major concern for all.

However, the last few months have been particularly embarrassing for cyber security providers such as EMC Corp. (NYSE: EMC), after some high-profile hacking was reported at Sony Corp. (NYSE: SNE), EMC’s own RSA division, defense contractor Lockheed Martin Corp. (NYSE: LMT), banker Citigroup Inc. (NYSE: C), search company Google Inc. (NasdaqGS: GOOG), video game companies Electronic Arts Inc. (NasdaqGS: ERTS) and Sega Sammy Holdings Inc.

Moreover, government agencies like the IMF and CIA were also targeted. The Oak Ridge National Laboratory, which works closely with the U.S. Energy Department, also fell prey to cyber attack. In February 2011, France’s finance ministry suffered a cyber attack, aimed at stealing files on the G-20 summit in Paris.

Amid the growing number of cyber attacks, corporations and companies both in the private and public sector are looking for stricter and more stringent cyber security measures to plug the loopholes in the system.

For detailed report, read: Security -- Top Priority in 2011

Recommendation

Apple is a great company with a loyal customer base, international expansion, competitive pricing strategy and a solid cash position. We remain positive on Apple’s long-term growth. However, increasing competition in most of its major product segments, possible delays in product launch, higher operating expenses and increasing legal complexities compel us to maintain our Neutral rating over the long term (6-12 months).

Of late, Apple has been in a spot with all the legal battles pertaining to patent rights with HTC, Eastman Kodak Co. (NYSE: EK), Samsung and Amazon.com Inc. (NasdaqGS: AMZN). Moreover, Apple has settled the patent dispute with Nokia Corp. (NYSE: NOK), but will have to make a one-time payment to the latter and is to pay regular royalties going forward. Financial details were not divulged.

More importantly, Apple has received unfavorable verdicts in a couple of cases at the International Trade Commission (ITC). As ITC has the authority to block import of products that infringe U.S. patents, the lawsuits could cause a dent in Apple’s very sizeable cash balance. It may have to pay a hefty fine or a recurring license fee, which will hurt its profitability going forward.

Currently, Apple has a Zacks #3 Rank, which implies a Hold rating in the near term.

Zacks Investment Research



NUTS: Hackers Target Government, Apple and Samsung Continue Battle

Hackers continued their wave of attacks, targeting several politicians including President Obama, while Apple attempts to put a stop to Samsung's sales in the U.S.

News Under the Sun is a weekly column rounding up all the events in the mobile industry. Want the news but don't want it every day? Subscribe to our weekly Facebook or Twitter page.

Hackers Shift to Political Figures

Hacker group "Script Kiddies" gained access to the Twitter account of Fox News and posted a fake message about the assassination of President Obama. White House officials quickly assured the nation of the president's safety.

Meanwhile, hacktivist group Anonymous targeted Orlando Mayor Buddy Dyer by posting photos of a Guy Fawkes mask hanging outside his home, as well as a photoshopped image of two headless police officers. The threats accompanied attacks on the city's police websites.

Anonymous is proclaiming its disapproval of Orlando's new policy against feeding the homeless without a license.

Besides political targets, AntiSec, a mix of Anonymous and former LulzSec hackers, broke into an Apple server and collected 26 administrative usernames and passwords. The group claims to have gained entry through a security flaw in third-party software.

The recent spate of attacks prompted European officials to form the International Cyber-Security Protection Alliance, or ICSPA, in an effort to protect organizations against future attacks.

On a positive note, Sony re-launched its PlayStation Network and Qriocity music services in Japan after an 11-week blackout. Nearly 100 million accounts were compromised due to the attacks in April.

Apple Versus Samsung: The Saga Continues

Apple filed a complaint with the International Trade Commission, asking for a ban on Samsung products in the U.S., claiming four of Samsung's devices -- the Galaxy S 4G, Infuse 4G, Droid Charge and Galaxy Tab 10.1 tablet -- violated its iPhone and iPad patents.

In response, Samsung denied the allegations and said it will continue to sell its products until it is legally prevented from doing so. The ITC filing may offer a faster settlement between the warring companies, since it takes less time to decide than the courts.

Apple's App Store Breaks Records, Others Break Security

Apple's App Store platform is expected to surge with apps and e-books at a rate of 39 percent over the next three years, reaching an estimated $13 billion in revenue by 2013.

Since the App Store debuted in 2008, users have downloaded 15 billion apps. There are now more than 200 million iOS devices worldwide, each with an average of 75 apps.

In total, more than 425,000 apps are currently available in the App Store.

However, Apple's popularity has made it a target among hackers. The company acknowledged a security flaw in iOS that allows attackers to infect users' devices with malicious software and gain administrative privileges.

Hackers may gain access to information like passwords, online banking data, e-mail and contact information, as well as a person's camera or calls.

In the courtroom, a judge rejected Apple's request to stop Amazon from using the "AppStore" name. Apple claims customers may confuse Amazon's "AppStore" with Apple's "App Store."

Amazon is allowed to use its AppStore term up until a trial date set for October 2012.

In future products, Apple filed two patents related to augmented reality and transparent touch screens. The AR patent gives Apple a way to populate live photos and video feeds from iPads and iPhones with digital information, allowing users to easily identify unknown objects and places.

The transparent screen patent allows Apple to overlay real-time images with digital data, hinting at improved iPad features in the future.

Cloud Competition Gets Crowded

Swedish-based Spotify is joining the fray in the U.S. The music-streaming service had planned to launch months ago, but licensing negotiations with major record labels delayed its debut.

Meanwhile, Amazon offered unlimited Cloud Drive and Player storage, allowing users to host as much music as they wish for a $20 annual fee.

Consumers unwilling to pay can still host up to 5-gigabytes of music files, as well as upload unlimited files purchased from Amazon. They also receive a free 20-gigabyte storage locker for photos and video.

Verizon Caps Data, Introduces New Phones

Verizon ended its unlimited data plans, ushering in tiered plans starting at $30 a month for 2-gigabytes of data.

Customers already with unlimited contracts can keep their plans for the duration of the contract, but new customers must sign up for capped data plans.

The carrier said about 95 percent of its customers consume less than 2-gigabytes per month, suggesting users will pay the same under the limited plans.

Meanwhile, Verizon plans to sell the Droid Bionic on August 4. The phone packs a 1-gigahertz dual-core chip, 512-megabytes of RAM, a 4.3-inch screen and 8-megapixel camera.

It also unveiled the Motorola Droid 3, which will debut later this summer for $200 with a two-year contract. The device will run on Android 2.3, with a dual-core processor, a 4-inch display and an 8-megapixel camera capable of capturing 1080p video.

Google+ Sees Familiar Face, NFC Goes Social

Google last week launched its Google+ social network, amid positive reviews. And its most followed member so far is none other than Facebook CEO Mark Zuckerberg.

So far, Zuckerberg has amassed over 21,000 followers, beating even Google co-founders Larry Page and Sergey Brin, both with fewer than 15,000 followers.

Google also launched a Google+ app for Android, which includes a mobile payment component. The app is still in beta, but Nexus device owners can now scan near-field communication, or NFC, tags and post information as a status update on their Google+ accounts.

The features blend the world of mobile payments with location check-in sites like Foursquare and Facebook.

The Internet giant is in the courtroom as well. Transcenic filed a complaint against Google, Microsoft and AOL's MapQuest, claiming Google's street view-perspective technology, used in Google Maps, violates its patent for collecting and manipulating panoramic imagery.

The Louisiana company is seeking unspecified damages in Federal Delaware District Court.

HTC Sees Profits Rise

HTC posted record sales due to the popularity of its Android phones and a surge in demand from Asia. The company shipped about 11 million units in the April-June period, more than double the total from a year ago.

HTC is pushing ahead by buying chip-designer S3 Graphics for $300 million. The deal gives HTC a portfolio of 235 patents, which it can use to protect itself in the increasingly-heated patent infringement arena, as well as provide it with technology to improve its smartphone lineup.

Nortel Sale Under Investigation

Canadian regulators are investigating the winning $4.5 billion bid for bankrupt telecom Nortel.

Canadian Industry Minister Christian Paradis said the results of the auction, including its 6,000 patents, are subject to the Investment Canada Act, which requires the country to gauge whether any foreign investment or acquisition of more than $312 million benefits or hurts the country.

A group of major companies including Apple, Microsoft, Sony, Ericsson and Research in Motion won the auction for patents relating to 4G, Wi-Fi, search engines and other telecom areas.

Facebook, Skype Team Up for Video Calling

Facebook announced a partnership with Skype to bring video chat to its 750 million users. The move beefs up Facebook's offerings before a showdown with Google+. To use the service, people need to download a plug-in for their browsers.

ISPs Cracking Down on Piracy

Internet service providers partnered with entertainment companies to curb online piracy. ISPs agreed to a six-strikes warning program to reprimand those suspected of downloading copyrighted music and movies from sites like BitTorrent.

The Copyright Alert System will monitor users of illegal file-sharing services. If users are caught sharing copyrighted files, the alert system will send users' ISP a notice to dole out punishment. ISPs can then issue up to six warnings before reducing users' Internet speeds or suspending services until illegal file-sharing stops.

Government Deals with Online Sexual Material, Cell Phones in Cars

Judge Ralph Beistline struck down an Alaska law that aims to hold adults criminally liable for distributing sexually explicit material to minors over the Internet. Beistline sided with the group of plaintiffs that filed a lawsuit last August, saying such a law violates the First Amendment.

The judge agreed, saying the Internet lacks a reliable mechanism for verifying the age of Internet users.

Meanwhile, the Governors Highway Safety Association, or GHSA, concluded cell phone use while driving increases the chance of crashing. The group studied over 350 scientific papers released since 2000, and found a link between texting and higher risks while driving, but it remains inconclusive on how to prevent phone-related car crashes.

But the GHSA did agree with a ban on cell phone use for teenaged drivers, who are at the highest risk for crashes.

Meanwhile, New Jersey ruled tracking one's spouse by GPS legal and not an invasion of privacy.

The case originated when Kenneth Villanova's wife suspected he was cheating but couldn't confirm this as the private investigator she hired was unable to follow the suspected husband. She then placed a GPS unit in the glove compartment of the vehicle they owned together, eventually tracing him to another woman's driveway.

Nokia Firesale, Store Closure

Nokia announced it will cut prices on its current line of smartphones, including the popular N8, C7 and E6 models, by 15 percent in Europe, as it readies the release of its Windows phones next year. Nokia claims these cuts are normal and part of on-going business.

Meanwhile, the company is shutting down its Vertu luxury mobile phone stores in Japan. The company said it will continue to do business with Japanese craftsmen on products sold in other markets.

Microsoft Targets Samsung

Microsoft is seeking $15 for each Android device Samsung sells because of alleged patent infringement. If Microsoft demands payment, Samsung may be looking at shelling out $45 million to Microsoft for past Galaxy S 2 sales alone.

Samsung aims to negotiate a lower fee of $10 per device, in exchange for a deeper partnership with Microsoft to create smartphones using the Windows Phone platform.

It's a Sad World for RIM

RIM fell to third place behind Apple and Google. The once-strong company now controls just 24 percent of the market, behind Apple's 26 and Google's 38, according to ComScore.

Last week, the company agreed to conduct an independent study to determine the effectiveness of a leadership change, much to the chagrin of investment firm Glass Lewis & Co.

The investor had wanted to conduct a vote over whether to split up RIM's executive roles at this year's shareholders meeting. The firm says a change, not a study, is needed to fix the company.

Sprint May Finally Get iPhone

Sprint may add the iPhone to its lineup before Christmas, according to Citadel Securities. If so, the company may attract customers since it is the last U.S. carrier to offer unlimited data plans.

The iPhone is expected to boost Sprint's fortunes, especially if it struggles to survive after an AT&T and T-Mobile merger.

Cell Phones May Not Cause Cancer After All

A group of experts from the U.S., U.K. and Sweden found no convincing evidence linking cell phone use to cancer. The group also added there is little evidence to suggest radio signals trigger tumors. But the committee cannot definitively say there is no connection at all between the two.

Meanwhile, a group of researchers are using smartphones to diagnose cataracts.

A team of MIT scientists developed the Catra System, which allows a user to look through an eyepiece that slides onto a smartphone or other mobile devices like tablets. The patient sees lines on the screen and pushes a button when the lines start to cloud. If there are enough lines that look cloudy, Catra diagnoses the cataract and recommends treatment.

Samsung Profits Dip, Sends Nexus S to Space

Samsung profits took a significant hit, even after the success of its Galaxy tablets. The company's ongoing dispute with Apple casts doubt on the company's future, especially if Samsung is forced to pay Apple for patent infringement.

Meanwhile, the company's Nexus S phone joined rival Apple's iPhone in space aboard the Atlantis space shuttle. The device is set to conduct several experiments with its computing power and camera.

Obama Holds Twitter Town Hall Meeting

President Barack Obama received nearly 170,000 questions and comments at his Twitter town hall meeting. The event was moderated by Twitter co-founder and chairman Jack Dorsey.

More than a quarter of the questions dealt with jobs, while 10 percent were about education. This was the first-ever online, live presidential town hall meeting.

Ebay Strengthens PayPal Service

Ebay purchased mobile payment provider Zong for $240 million. Ebay plans to connect the service's 3.2 billion users and 250 wireless carriers with PayPal.

Shoppers use Zong to pay for items with their mobile phones by entering their mobile phone numbers, after which Zong verifies the transaction and charges the customer's cell phone bill.

Japan Strikes... Metal

Japanese researchers reportedly found gadolinium, lutetium, terbium and dysprosium in the mud beneath the Pacific Ocean near Hawaii. These are the same metals needed to make iPhones, iPads and other gadgets.

Experts believe the find could total billions of tons of materials, which could be more than 1,000 times the amount found in land sources, located mostly in China.

This post originally appeared at Mobiledia.


Sunday, July 10, 2011

Hackers uncover new PDF exploit for iOS jailbreak

Hackers have once again found a weakness in the way Apple’s Mobile Safari browser loads PDF files, making it possible to jailbreak iOS devices without connecting to a computer first. Anyone interested in jailbreaking their device simply needs to point their Mobile Safari browser to jailbreakme.com and follow a simple set of instructions.

JailbreakMe is web-based, but it recommends first connecting to iTunes to perform a backup. Other popular jailbreaking methods require users to download a program to their computers and then connect their device in order to carry out the exploit.

The hack was developed by “Comex,” Grant “Chpwn” Paul and Jay “Saurik” Freeman. The trio has dubbed their most recent exploit JailbreakMe 3. Last year, Comex released JailbreakMe 2, which made use of a similar vulnerability in the way iOS devices handle PDF files. Apple was quick to respond, releasing a patch within a matter of weeks to address the JailbreakMe 2 exploit.

This time, the hackers have beaten Apple to the punch. You see, Comex and his squad have already released a patch to protect iOS devices from the latest PDF exploit. But there’s a big catch; in order to download the patch, you’ll need access to the unofficial app repository Cydia, which, you guessed it, is only available for jailbroken devices.

In theory, the JailbreakMe 3 exploit could be appropriated by other hackers with less noble intentions. The hackers say that, while that may be true, they aren’t particularly concerned. Comex points out that similar concerns were raised about JailbreakMe 2, but no reports surfaced of any hackers using the exploit malevolently.

“Until Apple releases an update,” Comex says in a FAQ, “jailbreaking will ironically be the best way to remain secure.” No word on when Apple will release its patch, but you can bet that they’re already at work on it.



Hackers Select a New Target: Other Hackers - New York Times

SOMINI SENGUPTA and NICK BILTON, On Tuesday July 5, 2011, 9:58 am EDT

The hackers, calling themselves the A-Team, assembled a trove of private information and put it online for all to see: names, aliases, addresses, phone numbers, even details about family members and girlfriends.

But their targets were not corporate executives, government officials or clueless bank customers. They were other hackers.

And in trying to unmask the identities of the members of a group known as Lulz Security, the A-Team was aiming to take them down a peg — and, indirectly, to help law enforcement officials lock them up.

The core members of Lulz Security “lack the skill to do anything more than go after the low-hanging fruit,” the A-Team sneered in its posting last month.

In recent weeks, attacks on companies like Sony and government sites like senate.gov have raised concerns about increasingly organized and brazen hackers. On Monday, a Twitter account for Fox News was hijacked.

But much of the hacking scene is a fractious free-for-all, with rival groups and lone wolves engaged in tit-for-tat attacks on each other, often on political or ideological grounds but sometimes for no better reason than to outwit — or out-hack — the other guy.

The members of Lulz Security, or LulzSec, have been at the center of the sniping lately. The group won global attention through attacks on the C.I.A., Sony, the Arizona state police and other organizations, putting at risk the personal information of tens of thousands of people in the process. Even as they attacked, the LulzSec members craftily concealed their own identities, all the while articulating an ever-changing menu of grievances, from government corruption to consumer rights.

LulzSec’s provocative attacks and flamboyant style made it a tempting target. Other hackers, equally adept at maintaining their anonymity, have been seeking to penetrate the online aliases of the group’s members.

Late last month, LulzSec announced that it was disbanding, and that its members would continue their activities under other banners. But the F.B.I. and other agencies are continuing their pursuit, aided by information unearthed by other hackers. In fact, the Lulz Security members face the real possibility that if they are caught, it will be their fellow hackers who led the authorities to their doorsteps.

“This unfortunately represents one of few ways law enforcement gets good inroads into this community,” said Bill Woodcock, research director at the Packet Clearing House, a nonprofit group in Berkeley, Calif., that tracks Internet traffic.

In hacker parlance, to be unmasked is to be dox’d, as in documented. And by hacker logic, to be dox’d is to be put out of business. An online alias is an essential weapon: it conceals a person’s name and whereabouts, while allowing the creation of an alternate identity.

Indeed, the handbook for new recruits to Anonymous, the global hacker collective from which Lulz Security sprang earlier this year, contains tips on safeguarding one’s identity — from how to steer clear of Web sites that track online activity to masking one’s Internet provider.

One of the tools it suggests is Tor, a network of virtual tunnels originally developed by the United States Naval Research Laboratory to protect online government communications. “In our world,” the handbook concludes, “a good defense is the best offense.”

Despite the detailed profiling by the A-Team and other hacker groups including Team Poison and Web Ninjas, no professed Lulz Security member has admitted to being dox’d, and some have merrily denied it. But the campaign seems to have had some effect.

The A-Team’s supposed outing of seven of Lulz Security’s members coincided with the group’s announcement that it was disbanding. And a spokesman for the group, using the alias Topiary, bid a public farewell in typically impish language: “Sailing off — watch your backs and follow the north wind, brazen sailors of the ’verse.”

The A-Team posting about LulzSec included mundane personal details. The sister of one purported LulzSec member, it said, was a bartender in a bowling alley in a small British town. Another member was described as “very ugly.” A third, the group railed, cannot hack at all: “He doesn’t actually do anything except give interviews.”

Part of the posting, complete with misspellings, went to the heart of the hackers’ paradox: “If your anonymous no one can find you. No one can hurt you, so your invincible,” it said. “The problem with this idealogy, is it’s on the internet. The internet by definition is not anonymous. Computers have to have attribution. If you trace something back far enough you can find its origins.”

Lulz Security was not above outing one of its own. A member known as m_nerva leaked some of its chat room discussions to the media. In retaliation the group posted what it said was m_nerva’s personal information, including an address in Hamilton, Ohio.

Last week the F.B.I. raided a home in Hamilton but made no arrests, according to local media reports. An F.B.I. spokeswoman, Jenny Shearer, would not comment on what she said was a continuing investigation.

In an interview with the BBC Web site, a spokesman for LulzSec who called himself Whirlpool said of the group’s opponents: “They keep trying to bring us down, we mock them, they get flustered and make snide comments, we laugh.”

Meanwhile the Web Ninjas, who publish a blog called LulzSec Exposed, declared their intentions this way: “We have tried our best doxing LulzSec and keep doing it until we see them behind bars.”

Topiary’s fellows do not seem to be in a mood to venture off into the north wind forever. Since announcing its dissolution, LulzSec has melted into a broader movement called AntiSec, which potentially has thousands of hackers on its side, including those associated with Anonymous. Hackers have continued to torment the Arizona police because of their role in a state crackdown on illegal immigrants, leaking officers’ personal e-mail last week.

Security companies and government agencies have a long history of relying on current or former hackers in the fight against computer crimes. One new wrinkle is the way that attacks on government targets have given rise to a small but loud faction of patriotic, presumably American hackers who are fighting back on their own, said Gabriella Coleman, an assistant professor at New York University who is researching a book on Anonymous. The fights have also become more public and spectacular, in part because of platforms like Twitter.

“Warring becomes an art form itself,” Ms. Coleman said. “There is that game quality to it. They’re claiming they can’t be found. It’s a huge trophy if you can.”



Friday, July 8, 2011
