Security

When he was arrested at his Chicago home in 2012 for hacking the website of security think tank Stratfor, the dreadlocked Jeremy Hammond was the FBI's most wanted cybercriminal.

Authorities tracked him down with the help of top LulzSec member Hector Xavier Monsegur. But it has never been known how they managed to shut the lid of him computer, effectively encrypting the contents of Hammond's hard drive, which the hacker was able to encrypt as agents armed with assault rifles were raiding his home.

It was perhaps a bit unfortunate, but in October, about a hundred journalists, civil rights advocates and representatives from non-governmental organisations, Internet rights activists, academics and lawyers from across Asia were gathered in Kuala Lumpur to discuss Internet rights and freedoms.
 

Here's a summary of the four "critical" patches this month; the top one is super critical or, if you will, Heartbleed critical:

The controversial anonabox anonymity hardware router project returned today amidst a scathing reaction from the wider security and anonymity communities.

Previously, the project was suspended from Kickstarter after claims that the project used entirely custom hardware were debunked by industry experts and laymen alike. The project has resurfaced on crowdfunding site Indiegogo, where so far it has raised over $11,000.

According to the agency, over 800,000 employees of the USPS have had their personal data stolen from the postal service’s servers. When you consider that the USPS employs just under 500,000 people (below 800,000 in the 90’s) then you realize that the data stolen includes both current and former employees of the USPS. The data breach mostly affects employees of the USPS rather than customers who may have done business with them.

Hackers have developed a scheme to steal sensitive information from top executives by penetrating the Wi-Fi networks of luxury hotels, security researchers said Monday.

A report by Kaspersky Lab said the "Darkhotel" espionage effort "has lurked in the shadows for at least four years while stealing sensitive data from selected corporate executives traveling abroad."

A new class of apps and wireless devices used by private pilots during flights for everything from GPS information to data about nearby aircraft is vulnerable to a wide range of security attacks, which in some scenarios could lead to catastrophic outcomes, according to computer scientists at the University of California, San Diego and Johns Hopkins University. They presented their findings Nov. 5 at the 21st ACM Conference on Computer and Communications Security in Scottsdale, Ariz.

Last week’s takedown of Silk Road 2.0 wasn’t the only law enforcement strike on "darknet" illicit websites being concealed by the Tor Project’s network of anonymizing routers. A total of 410 .onion pages on at least 27 different sites, some of which sell everything from drugs to murder-for-hire assassins, were shut down as part of Operation Onymous—a joint operation between16 member nations of Europol, the FBI, and US Immigration and Customs Enforcement.

G20 is an “irresistible target for hackers,” according to Greg Rudd, spokesman for the Council of Registered Ethical Security Testers, or CREST Australia. Hackers "would love to just get into the traffic light system for example and just disrupt that and what they're after really is free international media,” Rudd told ABC.

The UK National Crime Agency (NCA) has helped to close 400 'dark web' sites involved in various illegal activities under an operation dubbed Project Protein.

The takedowns were part of the NCA's involvement in the shut down of the Silk Road 2.0 website by the FBI.