IT security firm Trustwave sued for Failing to Stop Data Breach

IT security firm Trustwave has been accused of failing to properly investigate the card breach suffered by the Las Vegas-based casino operator Affinity Gaming in 2013.

Affinity Gaming filed a complaint in the district court of Nevada in December alleged Trustwave of misrepresenting themselves and failed to perform the adequate investigation, identify the breach, and falsely misinform them about the correction of the breach.

In December 2013, Affinity Gaming suffered a security breach that penetrated their payment card systems. They called Trustwave to investigate the matter.

According to the complaint filed “Trustwave informed the company that the malware was removed from its systems and that the breach was contained.”

After Trustwave completed its investigation, Affinity Gaming called Ernst & Young to conduct penetration testing. While penetration testing testers identified suspicious activity associated with a piece of malware.

Now Affinity Gaming  called FireEye-owned forensic specialist Mandiant  for further investigation.

The complaint was filed based on the latest investigation done by Mandiant.

“Trustwave had failed to diagnose that the data breach actually was the result of unidentified outside persons or organizations who were able to compromise Affinity’s data through Affinity Gaming’s Virtual Private Network (VPN), and that the ‘backdoor’ these persons/organizations had created — which Trustwave had speculated may have existed but concluded was ‘inert’ — was very real and accessible,” reads the complaint.

“Mandiant also determined that the unauthorized access and renewed data breach occurred on a continuous basis both before and after Trustwave claimed that the data breach had been contained,” it continues.

Affinity is looking for damages in excess of $100,000 / €92,000.

A trojan that evades security products and stole data

Spymel, a new Trojan discovered by Zscaler (a US-based cyber-security vendor), reaches computer through spam emails and remain undetected from security products.

This Trojan is attached to emails as an archive file. Once it is downloaded and decompressed, the archive file starts executing a JavaScript file that downloads and installs the actual malware executable, a .NET binary.
It is notion that the  archive file does not contain the malware, so the antivirus products fails to flag the danger. .Net binary is also not detected because of the  digital certificate that is issued by  SBO INVEST via DigiCert.

According to Zscaler  Spymel infections was  first detected in early December 2015. As soon as they informed the case to DigiCert and had the certificate revoked. But the group behind Spymel quickly updated their certificate
.
Spymel can act like a malware payload downloader , make screenshots of a user's desktop, record videos of the desktop, log keystrokes, and upload stolen data to a remote server.

Spymel is a perfect example of  malware, where malware can use archive files boobytrapped with JavaScript code and digital certificates to hide.

MagSpoof which costs $10 can steal your credit card number


Someone has made a device that costs $10 which could steal credit card information when anyone has lost his credit card and applied for a new card. And before he gets it, the device helps hacers to steal or at least guess the credit card number.

The device dubbed MagSpoof was made by Samy Kamkar. The device can predict and store hundreds of American Express credit card numbers, allowing anyone to use them for wireless payment transactions, even at non-wireless terminals.

According to the hackers, MagSpoof can spoof any magnetic stripe or credit card entirely wirelessly, it also disable chip and PIN (EMV) protection and accurately predict the card number and expiration date on American Express credit cards.

“MagSpoof can be used as a traditional credit card and simply store all of your credit cards (and with modification, can technically disable chip requirements) in various impressive and exciting form factors, or can be used for security research in any area that would traditionally require a magstripe, such as readers for credit cards, drivers licenses, hotel room keys, automated parking lot tickets, etc,” Kamkar said in a blog post.

MagSpoof emulates a magnetic stripe by quickly changing the polarization of an electromagnet, producing a magnetic field similar to that of a normal magnetic stripe as if it's being swiped. The magstripe reader requires no form of wireless receiver, NFC, or RFID. MagSpoof works wirelessly, even with standard magstripe readers. The stronger the electromagnet, the further away you can use it.

The device actually guesses the next credit card numbers and new expiration dates based on a cancelled credit card's number and when the replacement card was requested respectively. This process does not require the three or four-digit CVV numbers that are printed on the back side of the credit cards.


The hacker has notified American Express and said the company is fixing the flaw. 

FBI denies paying $1 million to attack Tor



FBI has refused an accusation of paying at least $1 million to Carnegie Mellon University (CMU) researchers to infiltrate Tor, a free software implementation of second-generation onion routing that enables its users to communicate anonymously on the internet.

The intelligence agency told Ars Technica, that these accusations of paying the security researchers of the university to disclose the Tor users as well as Reveal their IP addresses as part of a criminal investigation was 'inaccurate'.

"The allegation that we paid (Carnegie Mellon University) $1 million to hack into Tor is inaccurate," the FBI said.

However, the Tor Project team had discovered last year in July that more than hundred new Tor relays that modified Tor protocol headers to track people who were looking for Hidden Services, web servers hosted on Tor that offers more privacy.

The attackers used a combination of nodes and exit relays along with some vulnerabilities in the Tor network protocol that let them uncovered users' real IP addresses.

After discovering the flaws, the team updated its software and rolled out new versions of code to block similar attacks in the future. But, during that time the team could not find the hackers behind the flaws.

“We teach law enforcement agents that they can use Tor to do their investigations ethically, and we support such use of Tor -- but the mere veneer of a law enforcement investigation cannot justify wholesale invasion of people's privacy, and certainly cannot give it the color of "legitimate research," the Tor team said in a blog post.

"Whatever academic security research should be in the 21st century, it certainly does not include "experiments" for pay that indiscriminately endanger strangers without their knowledge or consent," the post added.


Now, the Tor claims to have patched the vulnerabilities but this doesn't solve the core problem.

5.6 million fingerprints stolen, but the reason is still unknown

Some people are blaming Office of Personnel Management (OPM), which serves as a sort of human resources department for the federal government,  some are saying unchangeable biometrics and others are blaming Chinese hackers behind the massive breach in U.S of the OPM’s servers during which fingerprints of 5.6 million people were stolen.

No matter, what was the reason but the tension is about those millions people whose fingerprints have been stolen. What would be the consequence? Or there is nothing to worry about?

The authority concerned needs to come up with some program to address the issue.

Now, the U.S. officials have blamed Chinese government hackers without any evidence. China has also denied to have any involvement in the breach.

The OPM has said that the federal experts believe there is low chance of fingerprints being misused. However, there is a possibility that future technologies could take advantage of this information.

The OPM had earlier confirmed that the number of people was 1.1 million only. However, the number has now increased to 5.6 million.

“The fact that the number [of fingerprints breached] just increased by a factor of five is pretty mind-boggling,” Joseph Lorenzo Hall, the chief technologist at the Center for Democracy & Technology, told Boing Boing. “I’m surprised they didn't have structures in place to determine the number of fingerprints compromised earlier during the investigation.”

Not only the fingerprints, it is said that about 21.5 million individuals had their Social Security Numbers and other sensitive information affected by the hack.

As per the OPM, now, Department of Homeland Security and Defense Department representatives are planning to review the implications of the stolen fingerprint data.

Two Ukrainian defendants to pay $ 30 million to the Securities and Exchange Commission

Ukrainian based firm, Jaspen Capital Partners Limited and Chief Executive Officer (CEO), Andriy Supranonok had agreed to pay $30 million to settle U.S. Securities and Exchange Commission (SEC) civil insider trading charges on Monday (September 14).

SEC had charged the two to have traded on information from illegally obtained news releases.
The company had become the first of 34 defendants to settle SEC charges over allegations of theft of more than 150,000 press releases from Newswire before the news became public.

Traders would sometimes create what prosecutors called “shopping lists” of companies that were expected to make announcements and pass them on to hackers.

The illegal profit generated by traders over a period of five years is estimated to be around $ 100 million while Jaspen and Supranonok made approximately $25 million buying and selling contracts-for-differences (CFDs), which are derivatives allowing for leveraged stock price bets, to trade from 2010-2015 trading on press releases stolen from newswire service.

The case was filed in U.S. District Court for the District of New Jersey, which entered an asset freeze and other emergency relief against Jaspen and Supranonok, among others. Nine of the defendants also face criminal charges, though Jaspen and Supranonok were not criminally charged.

Without admitting or denying the SEC’s allegations, the two defendants agreed to transfer $30 million of ill-gotten gains from the accounts which were frozen a month ago.

"Today's settlement demonstrates that even those beyond our borders who trade on stolen nonpublic information and use complex instruments in an attempt to avoid detection will ultimately be caught,” said SEC enforcement chief, Andrew Ceresney.

The settlement between Jaspen and Mr. Supranonok must be approved by a court.

The SEC said its civil case will continue against the other 32 defendants.


  

Researcher says Laser Pen can Halt Driverless Car


Where the world is waiting for self driving cars to become more popular to reach the masses, a security researcher has found a major flaw in the driverless car that can possibly drive it off the road.

Principal scientist at software security company, Security Innovation, Jonathan Petit, discovered that a laser pointer that costs only $ 60 could interfere with the laser ranging (Lidar) system of the car that could bring it to a halt.

Most self-driving cars rely on to navigate on this system of Lidar which creates a three dimensional map and allows the car to see potential hazards by bouncing a laser beam off obstacles.

Focusing the laser pointer at an automated or a semi automated car will be picked up by the Lidar system and can trick the car into thinking of some objects ahead it while there’s nothing actually. This act will force the car to slow down. A hacker can also overwhelm it with spurious signals which will force the car to remain stationary.

During his tests, Petit recorded laser pulses reflected by a commercial Lidar system, and then mimicked them with the laser back at the navigation system. This method worked from a distance of 300 feet from the car, and didn’t require perfect accuracy with the laser beam.

According to him, the movement of cars, pedestrians or stationary obstacles can be imitated from 50 to 1000 feet away from the car and the same attack can be carried out using a Raspberry Pi or an Arduino single-board computer.

On detecting a phantom object, the car may exhibit both short and long term response. The short term reaction may only consist of an unnecessary stop but a long term stop may trick the car into believing a blockage on the road thus taking an alternative route which will affect the trip.

The automakers need to ensure that simple hacks don't render driverless vehicles useless or worse.

If proper steps are not taken on security implications of internet-connected cars right now, they will be vulnerable to hackers in the same way as PCs, laptops and tablets.

Director of smart connected vehicles at Cisco, Andreas Mai believes that an advanced end-to-end security reference architecture and close collaboration among automakers, suppliers, technology providers and government agencies should be maintained in order to deal with modern cyber attacks.

In a world, where data breaches takes place every time and all sorts of corporations look up to cyber security to protect their customer’s personal and financial information, car companies have something major to worry for.

Automated cars were developed with thought for safety as the conventional, human-driven cars produced many instances of bad decisions of humans while driving. Road accidents happen because of human errors on when to accelerate and when to put brakes.

But Google, which has led the way on self-driving cars, has experienced several accidents since hitting the road. In July, one of the firm’s Lexus SUV driverless cars was rear-ended in Google's home city of Mountain View, California.

For car companies, the worry of hacking does not end with financial crimes and frauds like in other corporations but here hacking can result in real-world and real-time physical problems and injuries.

While automated cars could be beneficial in future, the companies that bring them to the masses have to make people comfortable about them. They won't be successful if they aren't perceived as completely safe.

Man jailed for 18 months for hacking into 900 Aviva phones

Richard Neele (40) has been sentenced to 18 months in prison for hacking into 900 phones of insurance company Aviva.

Neele deleted the data on all the 900 smart phones making the company lose out on 5,00,000 pounds onf business.

Neele was a director at Esselar. a company which had been contracted by Aviva to manage its security network.

Neele has said that he carried out hte attacks becauys eof falling out with his colleagues.

He hacked the system at Aviva in May 2014 when Esselar was giving a security demonstration to Aviva.

Splunk buys Caspida for $190M

Splunk announced on July 9 that it had purchased Caspida, a Palo Alto startup that uses machine learning techniques to help identify cyber-security threats from inside and outside the company, for $190 million.

“Under the terms of the agreement, Splunk has acquired all of the outstanding stock of Caspida for an aggregate purchase price of approximately $190 million, including approximately $127 million in cash and $63 million in restricted Splunk securities,” the Splunk posted on its blog.

Haiyan Song, SVP of security markets at Splunk said it helped both companies to deal with the onslaught of machine data coming from IT systems using data science techniques and automation to make sense of it. Part of that is a growing security business, which accounted for a third of the company revenue in its most recent quarter.

“With Caspida, Splunk accelerates its focus on solving advanced threats - both external and from insiders - by shining a light on those who are wrongfully using valid credentials to freely and unpredictably exploit systems they have accessed. By addressing the entire lifecycle of known and unknown advanced threats, and by providing a platform to detect, respond to, and automate actions, Splunk has further reinforced its position as the security nerve center,” he added.

It is said that Splunk is adding a new tool to its security arsenal to beef up the ability to locate threats using the machine learning techniques that Caspida has developed.

“Like everyone, Splunk has watched the growing number of breaches over the last year, and its customers have been asking for better security detection tools to help battle these threats, many of which use with compromised credentials. This kind of attack is difficult to detect with conventional security techniques looking for signatures or rules. If someone comes in through the front door using valid credentials, there are no rules or patterns. They look like a valid user,” Song explained.

According to the blog post, the 35 Caspida employees will join Splunk immediately.

Caspida, which was launched in 2014, came out with its first product at the end of last year.

“We founded Caspida with a vision of applying data science to help solve the most pressing cybersecurity challenges - advanced threats and insider threats,” said Muddu Sudhakar, CEO of Caspida.

“By analyzing machine data and using data science to detect meaningful anomalous behavior of users, devices and entities, Caspida has solved a problem that previously required significant manpower and expensive, do-it-yourself toolsets. We are very excited to join the Splunk family and deliver new detection capabilities to customers,” he explained.

Avast announced the acquisition of Mobile Virtualization Company ‘Remotium”


Avast Software, maker of the most trusted mobile and PC security products in the world, on July 8 announced the acquisition of Remotium, a leader in virtual enterprise mobility which technology enables enterprises to extend access securely, simply, and cost-effectively to business-critical applications in a bring-your-own-device (BYOD) environment.

According to a press statement posted by the company, the acquisition of the Silicon-Valley-based start-up will allow Avast to expand its offering of mobile security applications to the enterprise space.

The entire Remotium team has joined the global organization of more than 600 Avast employees.

Like Avast, Remotium, which won "Most Innovative Company" at RSA Conference 2013, solves the challenges of delivering corporate applications to employees’ mobile devices by creating a smooth user experience, while assuring data security and compliance.

The company said that its product, Virtual Mobile Platform (VMP), which enables access to enterprise applications from any mobile or desktop device, allows users to work from anywhere in the office, remotely from their home office or while on business trips.

It is said that the users can connect to their VMP from any device they are using smartphones, tablets, and desktops in order to get access to their corporate tools, apps and data.

Vince Steckler, CEO at Avast, said that the Remotium‘s mobile solutions address the needs of modern enterprises.

"As more and more companies support BYOD policies, the question of how to implement these policies efficiently and securely is top of mind for everyone. With Remotium’s technology, 
companies have visibility and security needed to ensure data integrity and corporate compliance. At the same time, users enjoy increased privacy, as well as apps that look and feel consistent across mobile and desktop platforms. We are pleased to add the Remotium staff to our team together we will further accelerate Remotium’s growth and expand its capabilities across enterprise mobility platforms," he added.

Stephanie Fohn, CEO at Remotium, said, "The Remotium team and I are very excited about joining Avast Software. Avast has a long history in creating innovative, best-in-class security for personal and commercial use. We look forward to extending our technology leadership position and continuing to deliver groundbreaking enterprise mobility solutions to meet the needs of the enterprise.” 

Cisco announces its intent to acquire OpenDNS

 
Cisco announced on June 30 its intent to acquire OpenDNS, a security company which provides advanced threat protection for any device, anywhere and anytime based in San Francisco.

It is said that the acquisition will boost Cisco's Security everywhere approach by adding broad visibility and threat intelligence from the OpenDNS cloud delivered platform.

According to the press statement issued by the organization, the OpenDNS team will join the Cisco Security Business Group. As per the agreement, Cisco will pay $635 million in cash and assumed equity awards, plus retention based incentives for OpenDNS. The acquisition is expected to close in the first quarter of fiscal year 2016, subject to customary closing conditions.

The press statement said that the burgeoning digital economy and the Internet of Everything (IoE) are expected to spur the connection of nearly 50 billion devices by 2020, creating a vast new wave of opportunities for security breaches across networks. The faster customers can deploy a solution, the faster they can detect, block and remediate these emerging security threats.

“OpenDNS' cloud platform offers security delivered in a Software-as-a- Service (SaaS) model, making it quick and easy for customers to deploy and integrate as part of their defense architecture or incident response strategies. By providing comprehensive threat awareness and pervasive visibility, the combination of Cisco and OpenDNS will enhance advanced threat protection across the full attack continuum before, during and after an attack,” the statement read.

The statement added that OpenDNS' broad visibility, unique predictive threat intelligence and cloud platform with Cisco's robust security and threat capabilities will increase awareness across the extended network, both on- and off-premise, reduce the time to detect and respond to threats, and mitigate risk of a security breach.

Hilton Romanski, Cisco chief technology and strategy officer, said that many people, processes, data and things connected because of which opportunities for security breaches and malicious threats grow exponentially when away from secure enterprise networks.

“OpenDNS has a strong team with deep security expertise and key technology that complements Cisco's security vision. Together, we will help customers protect their extended network wherever the user is and regardless of the device,” Romanski added.

A Bug allows anyone to crash the iPhone with a Message

(pc- Google images)
A new bug in the latest version of iOS shows a string of Arabic characters and symbols in a special text message which is followed by the crashing of the phone.

(pc- Google images)
It affects the Messages App so much so that the lines of the message after being copied and texted to another iPhone, shuts it off as well.

Affecting iOS 7 and iOS 8 now, it is due to the banner notifications processing the Unicode text using CoreText API.

This susceptibility of the iPhone to stop working can happen in any mode; but in Jailbreaking iOS, it enters into the safe mode.

The only patch to this vulnerability is to send a photo or text to the original dispatcher with the help of the share sheet in another app.

The Reddit website has been flooded with comments after the recent attack of the malicious iMessage on their iPhones.

Megaupload domains serve malware and scam ads to website visitors


Three years ago, the US government had seized several Megaupload domains that are now directing visitors to malware scams and ads.The domains namely Megaupload[dot]com and Megavideo[dot]com are being exploited by cybercriminals to supply malware and carry out scams.

Seized back in January 2012, the trial and hearing have been delayed since the New Zealand police raided the mansion of Kim Dotcom in Auckland and closed the online file locker storage website. US officials still hope that New Zealand will hand over him and his colleagues.

The domains redirect people to a Zero-Click advertising feed which feeds malicious links to malware installers and other malicious ads.

Many of these redirects try to trap the visitors with the chance of winning iPhones for cheap. One of the malicious ads serves as the link to a false BBC article, offering the iPhone 6 for only £1.

It is said that the reason behind the exploitation of the domains is the failure of the FBI cybercrime unit in controlling the main nameserver, which was previously registered to the Cyber Initiative and Resource Fusion Unit (CIRFU).


CIRFU.biz, the domain name for Megaupload.com, points to a server in The Netherlands hosted by LeaseWeb; and the domain CIRFU.net lists Syndk Media Limited as the registrant.

It seems that Megaupload and Megavideo are serving malicious ads run by the third party as the domain used as a nameserver by the Department of Justice has either expired or taken over via other means, and is no longer a part of the Government.

“With U.S. Assistant Attorney Jay Prabhu the DOJ in Virginia employs a guy who doesn’t know the difference between civil & criminal law. And after this recent abuse of our seized Mega domains I wonder how this guy was appointed Chief of the Cybercrime Unit when he can’t even do the basics like safeguard the domains he has seized,” Megaupload founder Kim Dotcom commented.

“Jay Prabhu keeps embarrassing the U.S. government. I would send him back to law school and give him a crash course in ‘how the Internet works’,” Dotcom adds.

Apart from these domains, various poker sites seized previously, naming absolutepoker.com and ultimatebet.com also are linked to malicious content now.

Copart.com hacked, requests all members to change passwords


Copart, a Texas-based company which provides online vehicle auction and remarketing services, is urging its member to change their password for their Copart.com account after the company discovered that an authorized person gained access to its computer network.


“As part of our efforts to address the problem, the Copart is requiring all members to change the password for their Copart.com account,” Sean Eldridge, senior vice-president & chief operating officer at the Copart, wrote in a letter.


“If you have not already recently been required to reset your password, simply sign into your Copart account and go to the Change Password option under the My Account tab. Also, if you use the same username and password for any other account, we recommend that you change your password there as well,” he added.

On 31 March 2015, when the company identified that the unauthorized person accessed to its network, the company immediately worked to block any further unauthorized access.

A leading cyber-security firm has been hired for the investigation. It helps the company to help determine what had happened to the company’s system and to assists in implementing enhanced security measures.

“Based on the investigation, we determined that the unauthorized person may have accessed the member’s name, address, driver’s license number, telephone number, e-mail address, and the username and password for their Copart.com account,” said Eldridge.

In order to protect, the company has recommended its members to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity.

Similarly, the members can also get a copy of their credit report, free of charge, in every 12 months from each of the three nationwide credit reporting companies: Equifax, Experian and TransUnion.

According to the letter, in order to order the free credit report, the members should visit www.annualcreditreport.com or call toll free at 1-877-322-8228.

Eldridge said that if any member believed that his/her personal information has been misused, he/she should immediately contact the Federal Trade Commission and/or the attorney general’s office in respective Home State.

Cisco releases software updates to address serious flaws in TelePresence products

Cisco has released software updates to address several vulnerabilities that have been identified in its TelePresence products, which can be exploited by hackers to compromise a vulnerable system.

It has also urged its customers to update their TelePresence software. Similarly, they are advised to consult their maintenance providers or check the software for feature set compatibility and known issues that are specific to their environments.

Cisco said in an advisory published on May 13 that the workarounds that mitigate the vulnerabilities, which have been identified by during its internal tests and product security reviews, are not available.

“The vulnerability in the web framework of multiple Cisco TelePresence products could allow an authenticated or remote attacker to inject arbitrary commands that are executed with the privileges of the root user,” Cisco said in its advisory.

“The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected parameter in a web page."

"Administrative privileges are required in order to access the affected parameter. A successful exploit could allow an attacker to execute system commands with the privileges of the root user,” the advisory added.

Cisco said that although, this is a serious vulnerability with a CVSS score of 9.0, it hasn’t found evidence that shows flaw has been leveraged for malicious purposes.

One click scammers targeting people in Hong Kong

People running one click scams on the internet have seem to taken it one step further by creating new malware in Chinese.

Recently, one click scammers have begun targeting people in Hong Kong by using pop-up windows and registration pages that have been written in Chinese and ask for payment in Hong Kong dollars. In the last month alone, Symantec has blocked more than 8,000 such attempts.

Such scams have been primarily running on adult websites and download malicious software to a users computer.

Such scams primarily were run in Japan but hackers have come into new territory by learning Chinese.

Cisco fixes remote code flaw in its UCS Central software

Cisco System Inc, an American multinational corporation,  has released an advisory to address remote code execution vulnerability in its Unified Computing System (UCS) Central software, a networking giant which integrates processing, networking and storage into one system.


The company said that it could exploit by remote attackers to execute arbitrary commands on affected systems.

“Successful exploitation of the vulnerability may permit unauthenticated access to sensitive information, allow arbitrary command execution on the Cisco UCS Central operating system or impact the availability of the affected device,” Cisco wrote in its advisory on May 6.

“An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device," said the advisory. An exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user.”

According to the advisory, the vulnerability was caused by the improper input validation (CVE-2015-0701) which allows an unauthenticated remote attacker to execute arbitrary commands on the underlying operating system with root privileges.

However, the company has failed to validate user input via its web framework, exposing the platform to remote attack in versions 1.2.

The company added that it is not aware of any public exploits as it hasn’t found any evidence to prove it.

The advisory said that the users can fix the vulnerability by updating the software which is provided by Cisco.

The company has urged its users to update to UCS Central software version 1.3. It has assigned the vulnerability its highest severity score of 10.

Earlier, Cisco released security updates for several of its products. Like Cisco Adaptive Security Appliance (ASA), Cisco Small Business SPA300 and SPA500 series IP phones, and IOS software.

Hacker's tweet led FBI to issue warning for airlines in US

In response to the claims and reports of the recent United Airlines incident, The US Federal Bureau of Investigation has issued a warning to all the airlines to be on the lookout for hackers. It follows an onboard tweet from Chris Roberts, pro hacker and the founder of One World Labs.

Roberts, a researcher specializing in the security of commercial airplanes, was detained by FBI (Federal Bureau of Investigation) agents while deplaning his United Airlines flight from Denver to Syracuse, New York. This action was taken after he tweeted a joke about taking control of the plane’s engine-indicating and crew-alerting system, which provides flight crews with information in real-time about an aircraft’s functions, including temperatures of various equipment, fuel flow and quantity, and oil-pressure.

The computer expert tweeted: “Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? 'PASS OXYGEN ON' Anyone ? :)”. This apparently caught the attention of Federal authorities who confiscated Robert’s iPad, MacBook Pro, and storage devices after questioning him for four hours.


Roberts stated that he was perturbed by the actions of the US law enforcement as he has been demonstrating vulnerabilities in the avionics system used on modern airplanes and telling CNN that he could connect a computer under his seat to view data from the aircraft’s engines, fuel and flight-management systems. And he is not the only one, according to an article by Forbes, Thomas Lim, head of security consultancy Cose Inc, has repeatedly been checked going through airports in recent years. On a flight from New York to Taipei, he was searched of all his belongings at the airport in Anchorage.

United Airlines has now banned Chris Roberts from all its flights.

Moreover, in a notification reported by the Wired Magazine, the FBI advised airlines to report any suspicious activity i.e. passengers connecting unknown wires and cables, or tampering or the forced removal of covers to network connection ports, along with reporting any evidence of suspicious behaviour concerning aviation wireless signals, including social media messages with threatening references to onboard network systems, automatic dependent surveillance systems (ADS-B), aircraft communications addressing and reporting systems (ACARS) and air traffic control networks.

Valve new policy to control spam cases and phishing on Steam


Photo Courtesy: Steam
With an aim to control spam cases and phishing on Steam, Valve, an entertainment software and technology company, has come up with a new policy under which people won’t get Steam’s features, unless they have a minimum of $5 worth of games in their library, or more in the store.

It is believed that Valve’s new policy is to ensure that the user is an actual gamer or not.

It is said that once the new policy gets implemented, current and new users will find huge restriction on their Steam accounts. However, those people who have spent $5 in the past or more in the store won’t have to face such restriction.

Although, people can play games without paying $5, they cannot send friend invitations, open a group chat, vote on Greenlight, Steam Reviews and Workshop items, participate in the Steam Market, post frequently in the Steam Discussions, gain Steam Profile Levels (Locked to level 0) and Trading Cards, submit content on the Steam Workshop, post in an item's Steam Workshop Discussions, access the Steam Web API, use browser and mobile chat.

Tom Sykes, who writes for PC Gamer, wrote that if anyone has 200 Steam games on his/her game library, then he/she won’t face restrictions. But, the new policy would affect people who only use Steam with disc-based retail games.

He added that by activating retail game on Steam won't prevent account restrictions. People can use buy different features by their own currency. Their currency will be converted into dollars using daily exchange rates.

Teenagers suspected of hacking Belgian and French websites


Photo Courtesy: The Local France
Two teenagers, who were suspected of hacking the websites of Belgian and French newspapers last week, would have a court hearing, authorities said on April 17.

The websites of Le Soir, La Libre Belgique, La Dernière Heure, the Sudpresse group, the French regional publications, including La Voix du Nord, and Union de Reims and l'Ardennais, which sites were disabled during the attacks, were targeted.

According to the prosecutors, five-year prison sentence will be given to those two teens, if the prosecutors find them guilty. Similarly, those persons will have to pay a fine of up to 100,000 euros and also to have to compensate for the damages.


In a statement Brussels prosecutors said that the regional unit of computer crime managed to identify the two teens, who are 18 and 16 years old, behind the cyber attacks on Sunday and Monday.

The hacking, which took place on Sunday evening, forced the Le Soir to close down its website for several hours.

The Belgian media group Rossel and the Belgian group IMP filed a police complaint last week.

The authorities carried out three raids in Belgium. During the raids, they discovered one address which linked to the attacks.

An examining magistrate has been investigating the case. They will try to find out, if others are involved or not in the attacks, the authorities said.

In a video by an anonymous group of Belgian, said that it had identified one of the teens as an adolescent who lives in Belgium and loves playing games.

The group, which is said to be hackers’ group, said it shared information with the police as it was protecting freedom of expression.