Every ‘Conspiracy Theorist’ In America Has Just Been Vindicated

Tales from the Conspiratum

Now that all of this is out in the open, America has two choices.

Source: Every ‘Conspiracy Theorist’ In America Has Just Been Vindicated – Waking Times Media

Now that all of this is out in the open, America has two choices.

Yes, the government can use your phone, your computer and even potentially your television to spy on what you are doing inside your own home. On Tuesday, Wikileaks released thousands of documents that prove what virtually every “conspiracy theorist” in America has been saying for years about government spying. And I don’t even like to use the term “conspiracy theorist” much, because the truth is that most “conspiracy theorists” are simply citizen journalists that are attempting to expose things that the mainstream media doesn’t want to talk about. And one of the things…

View original post 1,280 more words

Advertisements

HYPOCRISY: Nancy Pelosi now says Americans have a right to know what’s in Obamacare repeal BEFORE it passes

“Democrats continued to defend Obamacare as though their lives depended on it.”
For Nancy, it is life and death. She and other pedophiles in our gov’t power structure need to take down Trump ASAP before the Pedogate crackdown lands them all in jail. Anthony Weiner is squealing to the Feds. 🙂

TheBreakAway

Image: HYPOCRISY: Nancy Pelosi now says Americans have a right to know what’s in Obamacare repeal BEFORE it passes
Source: NaturalNews.com
JD Heyes
March 14, 2017

Let this be a lesson to anyone considering running for federal elected office: If you have a conscience, if you can be shamed, or if you have a tendency to avoid being the world’s biggest hypocrite, don’t run. None of these qualities will suit you well in office.

A lack of these qualities is precisely how House Minority Leader Nancy Pelosi, R-Calif., has not only managed to hold federal elected office for so long, but why she’s excelled in her position.

You may recall some years ago as the debate kicked off regarding Obamacare. During one particularly tone-deaf moment, Pelosi told an audience that Congress had to actually “pass the bill so that you can find out what’s in it…”:

D’oh! And that’s precisely what the Democratic congressional majority did – the passed it without a single Republican vote of support, and…

View original post 555 more words

ALERT: Doctors aggressively scheduling dangerous flu shots for patients without warning them of mercury risks

TheBreakAway

Image: ALERT: Doctors aggressively scheduling dangerous flu shots for patients without warning them of mercury risks
Source: NaturalNews.com
Thomas Dishaw
March 14, 2017

Fewer than half of Americans are getting the flu vaccine, and that has the CDC and doctors worried. A new study, however, may result in doctors aggressively scheduling flu shots for patients to combat this trend.

A Rutgers study  has found that doctors who schedule flu shots for their patients see a dramatic increase in vaccination rates. Patients are actually three times more likely to get vaccinated when their physician makes the appointment than when they are invited to make the appointment themselves.

Despite the CDC already admitting that flu shots don’t prevent influenza a majority of the time, these dangerous vaccines made with the mercury preservative Thimerosal are still being pushed on society, especially to those most susceptible to adverse effects: children and the elderly. Studies have even shown that people have a greater chance of getting sick with a…

View original post 331 more words

Hacker News: 7 Things That Happened After WikiLeaks Dumped The CIA Hacking Files

WikiLeaks CIA Hacking Dump

This week WikiLeaks published “Vault 7” — a roughly 8,761 documents and files claiming to detail surveillance tools and tactics of the Central Intelligence Agency (CIA).

The leak outlined a broad range of flaws in smartphones and other devices that the agency uses to intercept communications and spy on its targets, making even China and Germany worried about the CIA’s ability to hack all manner of devices.

While WikiLeaks promised the “Vault 7” release is less than one percent of its ‘Year Zero’ disclosure, and there’s more to come, we are here with some new developments on the CIA leak.

But, before knowing about the latest developments in the CIA hacking tool leak, I would suggest you read my previous piece to know 10 important things about ‘WikiLeaks-CIA Leak.’

We believe the US intelligence agencies have access to much bigger technical resources and cyber capabilities than the leak exposed in the leak.

The dump so far just shows that the agency gathered and purchased tools to target devices, but nothing in the leak specifies that was actually spying on people. Also, the nature of those tools suggests that they’re designed for targeted operations, rather than mass surveillance.

The CIA also issued a statement in response to the WikiLeaks claims regarding the agency’s hacking tools. Let’s have a look at what happened so far.

CIA Responds: It’s our Job to be Innovative, but we don’t spy on fellow Americans

The CIA denied conducting electronic surveillance on Americans, but at the same time, also said the agency is just doing its job, whether or not it has a giant arsenal of hacking tools for smartphones, computers and smart TVs.

While the agency did not confirm or deny if the documents released by WikiLeaks are authentic, the CIA argued that hacking and gathering intelligence is exactly what the agency should be doing and is meant to do.

“CIA’s mission is to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states, and other adversaries,” the CIA said in a statement. “It is CIA’s job to be innovative, cutting-edge, and the first line of defense in protecting this country from enemies abroad. America deserves nothing less.”

The CIA pointed out that it is legally prohibited from spying on Americans, and also expressed concern about the impact of Vault 7 on its operations, saying the Americans should be “deeply troubled” by Wikileaks disclosures designed to “damage” the agency’s ability to protect America against terrorists and other attackers.

Julian Assange: Wikileaks may have evidence CIA illegally spied On Americans

No doubt the CIA data dump made countries like China and Germany worried about the capabilities of the CIA to hack all manner of devices.

On the one hand, Chinese Foreign Ministry spokesman Geng Shuang expressed concern about the reports, urging the US to “stop listening in, monitoring, stealing secrets and internet hacking” against China.

On the other hand, the German Foreign Ministry said that it’s attempting to authenticate the Vault 7 documents carefully and will initiate an investigation if it sees any evidence of “concrete criminal acts or specific perpetrators.”

But the question remains: Has the CIA ever spied on American citizens?

This was the exact question that was thrown at Julian Assange Thursday during a press briefing hosted on Twitter’s Periscope, to which Assange’s response was: “The answer is not no.”

Assange claimed that Wikileaks had recovered over 22,000 IP addresses in the Vault 7 files that “corresponded” to the United States.

“It is not clear which are attack infrastructure, intermediary victims, or targets,” Assange added. “But we know there are numerous attacks on Europe and Latin America, including Brazil and Ecuador… are not really known for their extremists.”

Well, we need to wait until next WikiLeaks release for having more clarity on the US intelligence agencies’ operation, as the whistleblower organization tweeted that it “released less than 1% of its #Vault7 series in its part one publication yesterday ‘Year Zero.'”

Questions Arise Over CIA Handling of Zero-Day Vulnerabilities

During a keynote at the Black Hat 2014, Dan Geer, chief information security officer at the CIA’s venture capital arm In-Q-Tel, suggested that the government should purchase zero-days from the black market and disclose them to the software makers.

This practice, Geer said, would not only help the companies improve the security of its product, but would also burn its enemies’ stockpiles of exploits and vulnerabilities, making the U.S. far less susceptible to cyberattacks.

But the WikiLeaks dump shows that the CIA is itself stockpiling vulnerabilities in hardware and software for future exploitations, and it is unlikely to share details of these flaws with responsible vendors.

This puts the privacy and security of millions of people around the world who rely on smartphones, computers, routers, IoT gear, potentially smart TVs at risk, making them vulnerable to spying not only agencies but also hackers.

Google, Apple, Samsung, Microsoft, and Linux Foundation React to Wikileaks’ CIA Leak

In response to WikiLeaks CIA dump, several technology firms, including Apple, Microsoft, Samsung, Google and even Linux Foundation have released their statements.

While Apple says it has already patched many iOS vulnerabilities revealed in CIA leaks its latest iOS version, Google’s response is almost identical to Apple’s, claiming “many” of the vulnerabilities are already fixed.

Here’s what Google’s director of information security and privacy Heather Adkins said in a statement:

“As we have reviewed the documents, we are confident that security updates and protections in both Chrome and Android already shield users from many of these alleged vulnerabilities. Our analysis is ongoing, and we will implement any further necessary protections. We have always made security a top priority, and we continue to invest in our defenses.”

Microsoft and Samsung also reacted to the claims that the CIA had created malware to target computers running Microsoft’s Windows operating system and Samsung SmartTVs, saying they are looking into the issues raised.

Microsoft only says: “We are aware of the report and are looking into it,” while Samsung says: “Protecting consumers’ privacy and the security of our devices is a top priority at Samsung. We are aware of the report in question and are urgently looking into the matter.”

Since the Vault 7 leak also suggests that the CIA had created “attack and control systems” to hijack PCs powered by Linux-based software, The Linux Foundation CTO Nicko van Someren responded, delivering the following statement to the BBC:

“Linux is a very widely used operating system, with a huge installed base all around the world, so it is not surprising that state agencies from many countries would target Linux along with the many closed source platforms that they have sought to compromise. [But] rapid release cycles enable the open source community to fix vulnerabilities and release those fixes to users faster.”

WikiLeaks will share Exploits with Tech Companies to ‘Disarm’ CIA Hacking Tools

While the hackers had been expecting WikiLeaks to publish the actual code of the zero-days that the CIA uses to exploit previously undisclosed flaws in software and hardware products used by consumers and businesses, WikiLeaks announced to help tech firms fix the holes.

Assange said Thursday that his anti-secrecy group would offer tech companies, including Google, Microsoft, and Apple, access to CIA’s leaked hacking techniques and code, giving them time to “develop fixes” before further details about the tools are revealed to the public.

“After considering what we think is the best way to proceed and hearing these calls from some of the manufacturers, we have decided to work with them, to give them some exclusive access to the additional technical details that we have, so that fixes can be developed and pushed out and people can be secured,” Assange said during a press conference.

Assange also warned that others outside the agency might already have access to the CIA’s digital arsenal. “They were not securing it very well,” he said, adding it’s quite possible numerous people, including China, have it.

But, this doesn’t mean that WikiLeaks will not release the CIA hacking tools to the public.

Once all vulnerabilities are patched by the tech firms in their affected hardware and software, WikiLeaks will release the actual computer code for the CIA’s alleged cyber weapons to the public, Assange promised.

However, if the code is released and doesn’t get patched by vendors or more likely devices whose owners neglect to update them, the respected hardware and software would remain vulnerable, and this time, to anyone.

U.S. Intel Officials Were Aware Of CIA Breach Since Late Last Year

The CIA has been aware of a security breach since late last year, which led to the latest Wikileaks data dump, a U.S. intelligence agencies and a law enforcement officials told Reuters on Wednesday.

The officials, who wished to remain anonymous, said the agency became aware of a cyber attack on its systems last year but did not know the exact nature of the breach.

The duo believed the documents about CIA tools and tactics used between 2013 and 2016 were authentic.

Meanwhile, the White House also said President Donald Trump was “extremely concerned” about the security breach, adding that the Trump administration will be intended to be tough on leakers.

Hunt For Snowden 2 Begins: FBI And CIA Launch Criminal Investigation

Well, the FBI is launching a hunt to unmask the mysterious whistleblower inside the CIA who’s responsible for the CIA leak that has rocked the US intelligence services.

According to the investigators, the leak was not the work of nation state like Russia, but of an insider. The FBI is set to interview possibly over a thousand officials who may have had access to the information leaked by WikiLeaks, the NY Times reports.

The CIA and FBI are also trying to determine if there are other unpublished files and documents WikiLeaks may have.

After the two anonymous officials confirmed the authenticity of the leaked documents, the biggest concern for the federal government right now is if the whistleblower organization publishes the code for zero-days held by the CIA, hackers could take that code and cause havoc overseas.

The CIA revelations by the whistleblower organization are just beginning. People will see more revelations about the government and agencies from the WikiLeaks in coming days as part of its Year Zero leak series.

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

Hacker News: Beware! Pre-Installed Android Malware Found On 36 High-end Smartphones

android-malware-apps

Bought a brand new Android Smartphone? Do not expect it to be a clean slate.

At least 36 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo, and Lenovo, which are being distributed by two unidentified companies have been found pre-loaded with malware programs.

These malware infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker.

According to a blog post published Friday by Check Point researchers, these malicious software apps were not part of the official ROM firmware supplied by the smartphone manufacturers but were installed later somewhere along the supply chain, before the handsets arrived at the two companies from the manufacturer’s factory.

First seen in February 2016, Loki Trojan inject devices right inside core Android operating system processes to gain powerful root privileges. The trojan also includes spyware-like features, such as grabbing the list of current applications, browser history, contact list, call history, and location data.

On the other hand, SLocker is a mobile ransomware that locks victims devices for ransom and communicates through Tor in order to hide the identity of its operators.

List of Popular Smartphones Infected with Malware

Here’s the list of infected smartphones:

  • Galaxy Note 2
  • LG G4
  • Galaxy S7
  • Galaxy S4
  • Galaxy Note 4
  • Galaxy Note 5
  • Xiaomi Mi 4i
  • Galaxy A5
  • ZTE x500
  • Galaxy Note 3
  • Galaxy Note Edge
  • Galaxy Tab S2
  • Galaxy Tab 2
  • Oppo N3
  • Vivo X6 plus
  • Nexus 5
  • Nexus 5X
  • Asus Zenfone 2
  • LenovoS90
  • OppoR7 plus
  • Xiaomi Redmi
  • Lenovo A850

The malware backdoor offers its operator unrestricted access to these infected devices, from downloading, installing and activating Android malicious apps, deleting user data, uninstalling security software and disabling system apps, to dialing premium phone numbers.

This incident underscores the dangers of untrusted supply chains, and experts are quite worried about the security of the supply chain with reports of over 20 incidents where rogue retailers have managed to pre-install malware on new Android handsets.

Here’s How to Remove the Malware Infections:

Since the malware programs were installed to the device’s ROM using system privileges, it’s hard to get rid of the infections.

To remove the malware from the infected devices, either you can root your device and uninstall the malware apps easily, or you would need to completely reinstall the phone firmware/ROM via a process called “Flashing.”

Flashing is a complex process, and it is recommended that users power off their device and approach a certified technician/mobile service provider.

It’s not the first time when high-end smartphones have been shipped pre-installed with malicious apps that can covertly siphon sensitive user data.

In December last year, certain low-cost Android smartphones and tablets were found to be shipped with malicious firmware that covertly gathered data about the infected devices, displays ads on top of running apps and downloads unwanted APKs on the victim’s devices.

In November, researchers discovered a hidden backdoor in the AdUps firmware of over 700 Million Android smartphones, which also covertly gathered data on phone owners and sent it to a Chinese server without the user’s knowledge.

Meanwhile, a flaw in the Ragentek firmware used by certain low-cost Android devices was also discovered that allowed attackers to remotely execute malicious code with root privileges, turning over full control of the devices to hackers.

Wang Wei - Hacking News
Security Researcher and Consultant for the government, Financial Securities and Banks. Enthusiast, Malware Analyst, Penetration Tester.