Wednesday, March 6, 2013

LinkedIn Wins Dismissal of Privacy Suit Over Hacking

LinkedIn Corp. (LNKD), the biggest online professional-networking service, won dismissal of a lawsuit claiming it failed to follow industry standards and its own promises in encrypting user password information.
The lawsuit, filed last year in federal court in San Jose, California, followed the company’s website being hacked and 6.5 million member passwords being posted on an unrelated website. In June, LinkedIn confirmed its site was hacked. The suit was based on alleged violations of California consumer protection statutes, breach of contract and negligence claims.
In dismissing the case, U.S. District Judge Edward J. Davila said the plaintiffs didn’t read LinkedIn’s allegedly misrepresented privacy policy, which is necessary to support their claims.
The plaintiffs haven’t demonstrated they have standing to bring the lawsuit, Davila said, because they failed to demonstrate a “causal connection” between Mountain View, California-based LinkedIn’s alleged misrepresentation and their harm, according to yesterday’s ruling.
Jay Edelson, a lawyer representing plaintiffs in the case, didn’t immediately return a call yesterday after regular business hours seeking comment on the ruling.
The case is In re LinkedIn User Privacy Litigation, 12-cv-03088, U.S. District Court, Northern District of California (San Jose).
To contact the reporter on this story: Joel Rosenblatt in San Francisco at jrosenblatt@bloomberg.net

Monday, March 4, 2013

Lobbyists Targeting Liberal Groups Channeled Chinese Hackers' Strategy


The revelation, made by the New York Times and a firm called Mandiant last month, that the Chinese military is engaging in a sophisticated campaign of Internet spying and cyber attacks targeting American corporations and government websites provoked widespread alarm. What hasn’t been noted is that the Chinese plot bears much in common with a conspiracy to spy on and sabotage liberal advocacy groups and unions—a plot developed on behalf of none other than the US Chamber of Commerce back in 2011.
Indeed, Mandiant identified the Chinese plot by combing through the database of hacking tools managed by the same individuals associated with the American firm that had been enlisted to help the Chamber execute its spying and hacking plan, before it was exposed by the hacktivist group Anonymous.
Attorneys for the Chamber were caught negotiating for a contract to launch a cyber campaign using practically identical methods to those attributed to the Chinese, which reportedly could be used to cripple vital infrastructure and plunder trade secrets from Fortune 100 companies. The Chamber was seeking to undermine its political opposition, including the Service Employees International Union (SEIU) and MoveOn.org, but apparently had to scotch the plan after it was revealed by Anonymous.
At the RSA Conference in San Francisco, the “nation’s largest gathering of cyber security professionals,” The Nation spoke to a number of experts who said the same invasive strategies employed by the Chinese military could be easily used in political campaigns and other political contexts by anyone willing to take the risk.
The story of both the Mandiant report and the American lobbyist hacking conspiracy begins in February of 2011, when the hacktivist group Anonymous stole some 70,000 e-mails from a Bethesda, Maryland-based firm called HBGary Federal and dumped them onto the Internet. HBGary Federal was an affiliate of HBGary, a firm that maintained a database and discussion forum of hacking software called Rootkit.com, which served as a “malware repository where researchers stud[ied] hacking techniques from all over the world.” It appears the Chinese hackers, known as the “Comment Crew,” had participated to gain the types of software used to compromise computers owned by dozens of American interests.
The Mandiant report details how the disclosure of Rootkit.com’s user database from Anonymous not only revealed the e-mail account associated with UglyGorilla, or Jack Wang, and SuperHard_M, or Mei Qiang, two of the alleged Chinese hackers, but the IP address that helped confirm the Shanghai Pudong location of the Chinese military office building, from which it launched attacks on US-based targets. As Nate Anderson of Ars Technica reported, the theft of HBGary Federal’s data offered the Mandiant researchers a “treasure trove of information.”
Rootkits, a term used to describe software that can gain access to computer systems without detection, can often be used for malicious purposes. Asked why he thought the Chinese military would participate in an American site like Rootkit.com, Richard Bejtlich, Mandiant’s Chief Security Officer, told The Nation that at least initially, “If you wanted to get up to speed on that technology, that’s where you went.”
Mandiant compared the information from the Rootkit.com user database with data from other cyber security breaches attributed to Chinese hacking attempts to come to the conclusions in their report.
According to the New York Times and Mandiant, the Shanghai-based Unit 61398 of the People’s Liberation Army employing the “Comment Crew” hackers relied largely upon spear-phishing (often an e-mail to trick the recipient into opening a document or attachment containing a malicious piece of software, like a rootkit) to gain access to firms like Coca-Cola, the National Electrical Manufacturers Association, EMC, and Telvent, a company that produces programs for remote access for oil and gas pipelines.
As policymakers and major American companies continue to react to the news about the Chinese hacking, similar threats could play a role in labor organizing and political campaigns.
The disclosure of HBGary Federal’s e-mails revealed one of the most brazen political espionage efforts in recent memory, which underscores this threat.
In October of 2010, HBGary Federal was solicited by Matthew Steckman of the firm Palantir on behalf of attorneys representing the US Chamber of Commerce “about offering a complete intelligence solution” and “social media exploitation.” The Chamber had dealt with critical news about an IRS complaint alleging that the insurance giant AIG had illegally laundered millions of dollars to the Chamber in September. Also around that time, I wrote a separate story for ThinkProgress revealing fundraising documents that showed the Chamber had solicited foreign corporate money for the same 501(c)(6) legal entity the Chamber used to run campaign commercials during the midterm elections. The leaked HBGary Federal e-mails show the Chamber was interested in responding aggressively to this pressure.
By November of that year, Palantir, HBGary Federal and another firm, Berico, had discussed the effort to push back against the Chamber’s critics several times with a number of the Chamber’s attorneys at the law/lobbying firm Hunton and Williams, and had prepared a series of presentations detailing their proposal to the Chamber. One of the attorneys involved in the discussions, Hunton and Williams’ Richard Wyatt, had already been retained by the Chamber to sue the Yes Men, a comedic advocacy group, for impersonating the Chamber at a prank press conference.
The presentations, which were also leaked by Anonymous, contained ethically questionable tactics, like creating a “false document, perhaps highlighting periodical financial information,” to give to a progressive group opposing the Chamber, and then subsequently exposing the document as a fake to undermine the credibility of the Chamber’s opponents. In addition, the group proposed creating a “fake insider persona” to “generate communications” with Change to Win, a federation of labor unions that sponsored the watchdog site, US Chamber Watch.
Even more troubling, however, were plans by the three contractors to use malware and other forms of malicious software to hack into computers owned by the Chamber’s opponents and their families. Boasting that they could develop a “fusion cell” of the kind “developed and utilized by Joint Special Operations Command (JSOC),” the contractors discussed how they could use “custom malware development” and “zero day” exploits to gain control of a target’s computer network. These types of hacks can allow an attacker not only to snoop, but to delete files, monitor keystrokes, and manipulate websites, e-mail archives and any database connected to the target computer.
In January of 2011, Hunton and Williams, which had met with the Chamber to discuss the proposals, sent by courier a CD with target data to the contractors. The targets discussed in e-mails included labor unions SEIU, IBT, UFW, UFCW, AFL-CIO, Change to Win, as well as progressive organizations like the Center for American Progress, MoveOn.org, Courage Campaign, the Ruckus Society, Agit-Pop, Brave New Films and others.
Though HBGary markets itself as a firm that uses its expertise in cyber security to help both companies and the government defend against malicious attacks, the e-mail archives leaked by Anonymous make clear that executives at the firm were interested in selling this technology for offensive capabilities. In an e-mail with Greg Hoglund, the founder of both HBGary and Rootkit.com, and part owner of HBGary Federal, Aaron Barr, HBGary Federal's chief executive, described a “spear phishing strategy” that could be used on “our adversaries.” In another e-mail chain, HBGary staff discussed using a fake “patriotic video of our soldiers overseas” to induce military officials to open malicious data extraction viruses; in another, they discuss the success of a dummy “evite” e-mail used to maliciously hack target computers.
The tactics described in the proposals are illegal. However, there were no discussions in the leaked e-mails about the legality of using such tactics. Rather, the Chamber’s attorneys and the three contractors quibbled for weeks about how much to charge the Chamber for these hacking services. At one point, they demanded $2 million a month.
HBGary Federal and their partners were scheduled to meet the Chamber to finalize the deal on February 14, 2011. However, on February 4, Barr boasted to the Financial Times that he was preparing to reveal the identities of Anonymous, which responded with the hack that spilled the contents of HBGary Federal’s e-mails and Rootkit.com’s user database. HBGary Federal had also entered into talks about working on behalf of Bank of America to discredit the website Wikileaks and its perceived allies in the media. The e-mail trail ends on February 6th; the Chamber, despite e-mails showing they met with Hunton and Williams to discuss the project, denied any knowledge of the proposal and said they had never compensated the firms or entered into any agreement for the work described in the proposals.
HBGary Federal, which shared the same owners and office space as HBGary, shut down in the wake of the leaked e-mails. Last year, HBGary was acquired by a military contracting firm called ManTech International for $23.8 million, according to disclosures with the Securities and Exchange Commission. The spokesperson for HBGary declined to comment on this story.
Although Rootkit.com is no longer online, similar websites like Metasploit and TrustedSec offer hackers and cyber security professionals an array of software that could be used by anyone seeking to break into an organization, take control of their network, and seize data.
“There’s nothing so unique about how you break into an organization,” said Nick Levay, the Director of Technical Operations Information Security at the Center for American Progress, who spoke to The Nation by telephone. Levay, an expert on computer security, said there’s “lots of overlap” between the documented Chinese military cyber hacking incidents described by The New York Times and the Mandiant report and the tactics proposed by the contractors working with the Chamber’s attorneys.
Mandiant’s Richard Bejtlich described the malware tools as a firearm that could be used by anyone. “You could buy a firearm but what are you going to do with it? Is it for hunting or self-defense?” Researchers commonly use sites like Metasploit to develop defense software against certain cyber attacks. Or, Bejtlich said, “Are you outfitting an army to conduct an insurgency where you’re going to harass a foreign military for ten years?”
Levay said that malware or phishing attempts may be difficult to detect if the perpetrator is only interested in gathering intelligence. However, “any disruption or sabotage, they’re going to get caught,” said Levay. Bejtlich made a similar case, arguing that if domestic political organizations or cyber criminals attempt to sabotage computers in the United States, “the Bureau’s going to find you.”
Large firms that have been victimized by malicious hacking, including Google and Intel, at least have the resources to detect and counter most forms of computer crimes. But what about a small company, or political advocacy group with little resources?
“Political campaigns, absolutely, they have to be vigilant that they will be attacked,” said Ajay Uggirala, the Director of Protect and Technical Marketing at the cyber security firm Solera Networks. “It’s going to be a dynamic,” Uggirala explained, “I wouldn’t be surprised if people use the good tools we have for bad purposes on political candidates.”

Ethical Hacking Tutorials PDF

Today I am going to share some useful Ethical Hacking Tutorials/E-books/PDFs. These PDFs are suitable for both the novice and the expert in the field of ethical hacking.


1. Hacking For Beginners (A beginners guide for learning ethical hacking)
2. The Hackers Underground Handbook
3. Hacking for Dummies (Access to Other Peoples Systems Made Simple)
4. Gray Hat Hacking (The Ethical Hackers Handbook, 3rd Edition [NepsterJay])
5. Hacking Exposed - Web Applications - Web Application Security Secrets & Solutions
6. Hacking Exposed - Windows
7. Hacking Exposed - Linux
8. Hacking Exposed - Malware And Rootkits
9. Hacking Exposed - Wireless - Wireless Security Secrets & Solutions
10. Ankit Fadia's E-book Collections


Please do comment if you need any specific e-books.

Facebook hacked in 'sophisticated' attack

Facebook has revealed it has been targeted in a "sophisticated attack" by hackers who exploited a previously unknown loophole in its computer system.

The internet company insisted that no personal information of users had been compromised by the hacking attack.
It said that malware had infected its computer systems after employees had visited the website of a developer of mobile applications that was "compromised".
In a blog post, Facebook said it was not the only company to have been attacked in this way.
The California-based company said: "Last month, Facebook security discovered that our systems had been targeted in a sophisticated attack.
"Facebook was not alone in this attack. It is clear that others were attacked and infiltrated recently as well."

Facebook said that it took immediate action to repair all infected computers once the malware was discovered and added that it had informed law enforcement authorities.
It is the latest in a number of sophisticated hacking attacks on high-profile websites and companies.
Twitter reported earlier this month that 250,000 user details, including usernames, passwords and email addresses, were stolen by hackers. It said it was "not the work of amateurs".
The New York Times, Washington Post and Wall Street Journal have all accused China of attacking their computer systems.
Earlier this week a report by the US intelligence community concluded that the country was being targeted by a massive cyber-espionage campaign.
The National Intelligence Estimate, a classified report compiled by the US intelligence services, identified energy, finance, information technology, aerospace and automotive companies as the most frequent targets of hacking campaigns that appear state sponsored, according to The Washington Post earlier this week.
Facebook said that the malware that attacked its own systems used a previously unseen loophole, taking advantage of a flaw in Java software made by Oracle, a mobile developer.
The company said the malware attacked its employee laptops despite running up-to-date antivirus software. It added that it was continuing to investigate the threat.
A statement on its website said: "Facebook, like every significant internet service, is frequently targeted by those who want to disrupt or access our data and infrastructure.
"Foremost, we have found no evidence that Facebook user data was compromised."
It was unknown whether the cyberattack on San Francisco-based Twitter was related to the Facebook breach.

Sunday, March 3, 2013

Pentagon spreads anti-China hacking lies

Feb. 25 — Dramatic front-page headlines in the New York Times accusing the People’s Liberation Army of China of being behind computer hacking in the U.S. have all the earmarks of a Cold War-style propaganda attack on China.
This bellicose attack comes at the same time that new leadership is about to take over in China. It comes in the context of the U.S. “pivot” to the Pacific and the buildup of military forces there directed at China. It comes at a moment when the Pentagon is facing the prospect of budget cuts. And it comes at a time of intractable economic crisis, when the U.S. government and the financial authorities are desperate to shore up the economy.
Seeming to surface out of nowhere — in the midst of debates about budget cuts, gun control, immigration reform, maneuvers over cabinet appointments and so on — this sudden flare-up of hostility is a dangerous step forward by anti-China hawks in the Pentagon and the establishment.
The China-hacking smear campaign was based upon a 60-plus-page report sent to the New York Times by the computer security firm Mandiant. The Times wrote a 3,000-word lead front-page article, replete with code names, charging that internet protocol addresses pointed to a building in Shanghai that allegedly housed a unit of the PLA.
The Chinese government and the PLA have strenuously and categorically denied the charges. They called the charges irresponsible and pointed to the lack of any proof. Other U.S. experts in cyber security pointed out gross inconsistencies in the report and asserted that no one can pinpoint the location or origin of a computer break-in by the IP address alone. It is common practice among hackers to conceal their origin by directing the IP address to a false location. (Jeffreycarr.blogspot.com/2013/01/ — search for “China”)
Be that as it may, what stands out is that the hacking story is being used politically to stir up suspicion and hostility against China and the Chinese military, even though all the alleged targets of the hacking were economic, i.e., unnamed private corporations.
The Times reported this incident in a sensational manner, conjuring up images of China destroying U.S. electrical grids, water supplies, communications systems, ad nauseam. The leap from alleged economic corporate spying, which takes place on a regular basis among all major companies and all governments, to a lurid military-spun fantasy about subversive Chinese aggression is calculated to stir up antagonism against China.
‘Cyber security’ & the military-industrial complex
Mandiant is a cyber security company that has cashed in on the recent anti-China boom. It works for the Fortune 100. Cyber security is a $30 billion industry, and Mandiant had revenue of $100 million in 2012, up 60 percent from the previous year. (Reuters, Feb. 22)
Mandiant operates out of Arlington, Va., and is tied to the military and the CIA. Its CEO and founder, Kevin Mandia, has worked for Lockheed Martin and U.S. Air Force intelligence. Its chief security officer, Richard Bejtlich, has worked for the Air Force Internet Warfare Center and the Air Intelligence Agency.
They are part of a growing wing of the military-industrial complex. For example, a keynote speaker at a Mandiant-sponsored conference held at the Washington Ritz-Carlton hotel last October was retired Gen. Michael Hayden, former head of the National Security Agency and then of the CIA. Hayden is part of the Chertoff Group, run by former head of Homeland Security Michael Chertoff.
It should be remembered that the U.S. and Israel developed the Stuxnet virus, which sabotaged Iran’s nuclear facilities. This is far more than mere espionage. It was an act of warfare. These are the forces behind the report.
The Times story and the Mandiant report are nothing less than a “nongovernmental” attack organized by the U.S. government and the Pentagon to lay the basis for further military measures against China.
The report was leaked to the New York Times. It could have been handled in a completely toned-down style or behind closed doors, the way many matters of the gravest importance are handled. Making it public in such a dramatic way was the real political aggression. Buried in the Times article on the report was the admission that the Times has a “business relationship” with Mandiant.
The Times is the most prestigious mouthpiece of the U.S. ruling class. It could never have issued such a sensational blast at the PLA without prenotification and thorough consultation with the Pentagon and the State Department, as well as the White House. In fact, President Barack Obama previewed the attack with a strong reference to “our enemies” and cyber attacks in his State of the Union speech. This was clearly a coordinated offensive.
It should be recalled that former New York Times reporter Judith Miller worked with the Bush administration and the Pentagon to sell the Iraq war, writing front-page articles about how Saddam Hussein was stockpiling “weapons of mass destruction.” She and the Times were ultimately discredited when the reports proved false, but they helped pave the way for the U.S. invasion.
Similarly, the timing of the race to push forward the Mandiant report was partly driven by the Pentagon’s plans to bolster its Cyber Command staff from 900 to 4,900. Thus the report was also aimed at protecting this projected increase in a key Pentagon program at a time of talk about general austerity and Pentagon cutbacks.
The capitalist media are understood by Marxists to be an integral part of the capitalist state. They are sometimes described as the fourth arm of the state — the means of ideological and informational compulsion. The treatment of the Mandiant report was truly a state-to-state transaction, giving the capitalist government a safe distance should it find it diplomatically necessary to dodge and double talk.
Critical time for China
This report was a shot across China’s bow just when new leadership is about to take over. It is a flagrant threat and an attempt at destabilization. Washington and Wall Street are demanding that China move more vigorously toward abandoning state-owned corporations and state planning and open up wider to a complete takeover by the capitalist class and imperialism.
The top agencies of the U.S. government, the imperialist think tanks, the International Monetary Fund and World Bank — all are pressuring the Chinese leaders to make more political space for the bourgeoisie to organize in China under the slogan of “reform.”
The new leadership under Xi Jinping takes over after the previous leaders crushed the left wing at the top of the party, led by Bo Xilai. The new leaders are now faced with an encouraged and stronger right wing. This newest, most brazen threat to China’s armed forces is undoubtedly calculated to send a message to the new leadership that the U.S. wants to see a deepening of capitalist reforms and opening up to imperialism — or else.
U.S. ‘pivot’ toward Asia
These actions must be seen as part of Washington’s so-called “pivot” toward Asia — a euphemism for increasing its encirclement and military pressures on China. The present media attack is directed at the element within China regarded by the Pentagon as its primary adversary in the world: the People’s Liberation Army.
The so-called “pivot” is not new. It comes after a long history in which U.S. imperialism, and particularly its admiralty, have regarded the Pacific Ocean as a “U.S. lake.” The recent application of this doctrine is the “pivot” and is part of a multipronged offensive.
Consider some recent history:
Both the Bill Clinton and George W. Bush administrations escalated military pressure on China. Clinton moved a vast arsenal of naval and air weapons systems to Japan and Guam. The Bush administration sent an additional carrier force to the Pacific and announced the deployment of more submarines to the region.
The Obama administration went further. It expanded its joint naval exercises with Japan to prepare for the defense of disputed islands, abandoning the historic hands-off U.S. position. The U.S. sent Marines to Australia and restored military cooperation with Indonesia and New Zealand. Over the last three years the Obama administration has carried out the largest joint military exercises in Asia since the Korean War.
In January 2010, the Pentagon sold advanced military equipment to Taiwan, an island historically part of China that is politically separate only because it became the refuge of counterrevolutionary armies driven from the mainland in 1949 by the Chinese Revolution.
In July of that year, the U.S. and south Korea carried out a major military exercise in the Yellow Sea simulating war with China.
Washington has also strengthened its south Korean puppets militarily and is programmed to set up a theaterwide anti-missile system involving Taiwan, south Korea and Japan — all aimed at China and the Democratic People’s Republic of Korea.
In addition to military moves, anti-China economic measures are in the works. A Trans-Pacific Partnership that would include most of the nations in the region, plus the U.S., has excluded China.
Pentagon wants contracts, not cutbacks
The Pentagon is under pressure to make cutbacks in military spending, both from the masses who need the money and from the bankers who want to grab the money. The global suspicion generated by the hacking headlines is calculated to bolster the cyber war capabilities of the Pentagon and justify its huge budget by painting China as an “enemy” that must be defended against. It is supposed to provide support for new weapons systems that the Pentagon has in mind for its encirclement of China — including new generations of missile ships, long-range drones, new piloted bombers and ballistic missiles. All can be deployed outside the range of China’s defenses.
These types of big-ticket items were built up during the Cold War against the USSR and China, and made the military-industrial complex the dominant economic and political force in U.S. capitalist society. The anti-China hacking story is part of the campaign not only to ward off budget cuts but to increase the hundreds of billions of dollars handed over to the Pentagon for war.
Finally, this attack comes at a time of stagnating U.S. economic growth that has led to mass unemployment and underemployment and declining wages. Because the masses have little money to spend, Pentagon spending becomes more integral to holding up the economy. It should be noted that with a dip in Pentagon spending in the fourth quarter of 2012, the economy shrank 0.1 percent.
The working class and the oppressed peoples must not be taken in by the attention-grabbing headlines against China and the PLA. It is the workers in both countries who will suffer from any escalation of Cold War-style tension generated by the Pentagon and the White House.
Schools are closing, hospitals are being shut down, social services are being cut, no money is spent on jobs, and prisons are filled with predominantly Black and Latino/a youth. The capitalist profit system is bringing more and more hardship to the people.
The enemies of the workers here are not the Chinese people or the Chinese government. The real enemies are the big capitalists who are running society into the ground at the expense of the masses. And one of the biggest concentrations of avaricious capitalists is military contractors — merchants of death who profit from war and war preparation.
As for “hacking,” technology is the product of the millions of people who have created it, not just in this generation but going back to long before the pyramids were built. This technology was created by humanity; it should belong to humanity as a whole to be used for its benefit. No group of avaricious monopolists should be allowed to own, control and use it against the people.