Gannett Government Media websites hacked

          Hackers steal email addresses and other information of Defense News subscribers.Websites belonging to Gannett Government Media, including several websites for the Army Times and other government news websites and newspapers, have been reportedly hacked.

          According to a report by the Los Angeles Times, the media company said that it first discovered the security breach on 7 June and announced it in a notice online on the same day. Now, Gannett has released more details.

          It said in a statement, "We discovered that the Gannett Government Media family of websites suffered a cyber attack resulting in unauthorised access to files containing information of some of our users."
However, the company has assured that financial details of the users are safe.

          It added, "The information in those files included your first and last name, userID, password, email address, the internal number we assigned to your account, and if you provided the information, your ZIP code, duty status, paygrade, and branch of service."

          "We want to assure you that no financial (e.g. credit or debit card) information was compromised. Financial information is stored on a completely different system." The company has asked its users to be vigilant of phishing attacks or suspicious mails asking for personal or financial details.

          Among the websites that are believed to have been breached are: Defense News, the Armed Forces Journal, the Federal Times, Military Times, Army Times, Navy Times, Air Force Times and Marine Corps Times. Gannett has said that an "outside forensic company" is probing to find out the reason of the breach and to identify the people behind it.

Read More

MasterCard blames ISP, not hackers, for outage

          Anonymous attacks Orlando, Florida tourism website. MasterCard has blamed the outage, which its website suffered on Tuesday, on an Internet Service Provider. However, the company has not dismissed claims by hackers that they were behind the disruption.

          MasterCard had then issued a statement saying, "It is important to note that no cardholder data has been impacted and that cardholders can continue to use their cards securely." "We are continuing to monitor the situation closely," the credit-card company said.

          On Tuesday, soon after it was noticed that the MasterCard website was down, a Twitter user, under the name ibomhacktivist, promoted "MasterCard.com DOWN!!!". The user also said that the hack attack was because the credit card company had messed with WikiLeaks and Anonymous in the past.

          "MasterCard's corporate, public-facing Website experienced intermittent service disruption, due to a telecommunications/Internet Service Provider outage that impacted multiple users," a MasterCard spokesman said.

          Meanwhile, the hacker group Anonymous has attacked a US tourism website in Orlando, Florida, to protest against the arrests of people distributing food to the city's homeless.

Read More

Cyber criminals spend $250,000 for a botnet of US users: Kaspersky

          Cybercriminals offer anonymous access services for 100 dollars per month; TDSS is most advanced malwar. Computer security company Kaspersky Lab has estimated that the expenditure of cybercriminals on the creation of a botnet made up of American users is around $250,000.

          The company found that malicious software program TDSS (another term for TDL) is one of the most advanced and perfected tools used by cyber criminals today. The malware uses sophisticated methods to infect a system, hide its tracks, control the PC remotely and prepare it for installation of other malicious programs. It has allowed its author to create a botnet made up of millions of personal computers, said Kaspersky.

          Experts at Kaspersky Lab investigated the behaviour of a new version of the TDL-4 malicious program and evaluated its new capabilities. They found that among the new capabilities of the malware was the use of peer-to-peer (P2P) networks. The analysis of TDL-4 undertaken by Kaspersky Lab experts Sergey Golovanov and Igor Sumenkov has also allowed them to estimate the number of infected PCs.
TDL-4 can not only build a botnet which is as well-hidden from competitors and anti-virus companies, it can now delete around 20 of the most popular competing products on an infected machine, including Gbot, ZeuS and Optima, said Kaspersky.

          Besides, TDSS itself installs on a PC around 30 utilities, including fake anti-virus programs and systems for both increasing advertising traffic and distributing spam. One of the most significant new additions to TDL-4 is the possibility to infect 64-bit operating systems. The Moscow-based company said that for the first time the Kad public file exchange network (used by P2P networks) is being used to control the botnet.
Another new function of TDL-4 is the possibility to open a proxy-server.

          Kaspersky said cybercriminals offer anonymous access services via infected computers, charging for such a service around 100 dollars per month. Like previous versions, TDL-4 is distributed mainly with the use of so-called partner programs. The authors of the malware do not expand the network of infected computers themselves; instead they pay third parties for that. Depending on the particular terms and conditions, partners are paid from 20 to 200 US dollars for the installation of 1000 malicious programs.

          Kaspersky said that its data shows that in just the first three months of 2011, TDL-4 helped infect more than 4.5 million computers around the world, with a large proportion of those being situated in the US. The estimated expenditure of cybercriminals on the creation of a botnet made up of American users is around $250,000. The experts who carried out the investigation said the development of TDSS will continue.

          They said, "Malware and botnets connecting infected computers will cause much unpleasantness - both for end-users and IT-security specialists. Active reworkings of TDL-4 code, rootkits for 64-bit systems, the launch of a new operating system, use of exploits from the Stuxnet arsenal, use of p2p technologies, proprietary "anti-virus" and much much more make the TDSS malicious program one of the most technologically developed and most difficult to analyse."

Read More

Hacker GeoHot working for Facebook as software engineer

          Social networking site employs hacker who cracked iPhone and PlayStation 3 security codes. George Hotz, the young American hacker who is infamous for his role in Sony PlayStation Network(PSN) hacks in April this year, is working for Facebook, according to a report by the Daily Mail.

          The report said that George Hotz, 21, has been working for the social networking site as a software engineer since 9 May. Sony had won a restraining order two months ago from the court against Hotz who is better known as a GeoHot in the hacking circles. A California court had warned Hotz against leaking secret codes and had asked him to hand over his computer equipment to Sony.

          In April this year, Sony experienced the biggest hack attack in online history, which is believed to have compromised personal information of over one million people across the world. The company took nearly a month to restore its service.

          In 2008, Hotz had found his way through the security gates of the iPhone and posted details of how to do unlock the phone on a blog. George Hotz has maintained that he was not responsible for the PSN hack.

Read More

Goatse hacker pleads guilty to stealing iPad user data

          Daniel Spitler, an alleged member of the Goatse Security hacking group, has pleaded guilty to breaking into AT&T's systems and obtaining the email addresses of iPad users. The story of how a vulnerability on AT&T's website allowed outsiders to scoop up the email addresses of early adopters of the Apple iPad made huge news headlines this time last year.

          Goatse (don't Google it, trust me..) bombarded the AT&T website service with thousands of requests using made-up ICC-ID codes (an internal code used to associate a SIM card with a particular subscriber).
By flooding the website with so many made-up ICC-IDC codes, some were bound to relect a genuine one, and when this happened the website believed them to be a genuine iPad user and revealed the associated email address.

          In total, about 120,000 iPad users were said to have had their email addresses exposed. The court in Newark, New Jersey heard that victims of the hack included included New York Mayor Michael Bloomberg, ABC News anchor Diane Sawyer and Rahm Emanuel, who was the White House chief of staff at the time.
26-year old Spitler, who hails from San Francisco, is scheduled to be sentenced on September 28th, and could face a maximum penalty of five years in prison and a $250,000 fine.

          In all honesty, although taking the information was clearly against the law, the hack probably received so much media attention at the time purely because it was iPad-related rather than because of the data that was taken.

          That's not to say that you want your email address exposed (it could potentially have become a victim of phishing attacks, for instance, targeting iPad owners) but there is presumably much more damaging information that could have been taken.

          Another man, 25-year-old Andrew Auernheimer, has pleaded not guilty to the hacking charges and continues to faces prosecution.

Read More

Peeping Tom tricked women into taking hacked webcams into shower, claim police

          The problem of perverts and cyberstalkers using malware to grab control over female victims' webcams is one that has been around for quite some time. Hackers can secretly spy upon people in their bedrooms, and even exploit technology to blackmail young women into posing naked, threatening that they will send other compromising photos to their online friends.

          It's pretty unsavoury stuff, and has probably made some women cautious of handing over their computers to that ever-so-friendly repair man, fearful of what they might install while the computer is in their care.

          In the latest case, a 20-year-old man has been arrested for allegedly infecting young women's Apple Mac computers with spyware that could commandeer their webcam. Trevor Harwell, of Orange County, California, is said to have rigged the MacBooks with error messages that would increase the chances of him capturing nude pictures and movies of the young women.

          You're probably wondering what kind of error messages would achieve such a result.

"You should fix your internal sensor soon. If unsure what to do, try putting your laptop near hot steam for several minutes to clean the sensor."

          According to Fullerton Police Sgt. Andrew Goodrich, the error message tricked many victims into taking laptops into their bathroom while taking a steamy shower. The sleazy scheme was only brought to light last summer when a mother became suspicious about the unlikely messages appearing on her daughter's computer.

          Hundreds of thousands of surreptitiously taken still images, videos and cellphone videos were seized from Hawell's computer according to a report in the LA Times. Anyone woman who believes they might have been a victim is invited to contact Fullerton Det. Kathryn Hamel at (714) 738-5327. Of course, and perhaps most disturbingly, there was nothing stopping the victim of the alleged surveillance being under-age.

          It's true of people of any age, but young people's PCs must be properly protected with the latest anti-virus software, security patches and firewalls. It is also essential that young people are taught how to behave safely online, to avoid being exploited by sick-minded hackers.

Read More

Arizona police website hacked by LulzSec over anti-immigration law

          NATO suspects security breach in its e-Booksho.Hacker group Lulz Security (LulzSec) has reportedly breached the networks of Arizona police website on Thursday.

          According to a Reuters report, the group has released dozens of internal documents from the website over the Internet, in protest of tough anti-immigration law in Arizona. Lulz Security titled the leak as "Chinga La Migra," which in Spansih roughly means "Screw the Immigration Service." The report said that LulzSec has leaked about a half GB of data, including account names, passwords and contact information.

          A spokesman for the Arizona Department of Public Safety Steve Harrison told Reuters that the department was probing the matter. Harrison said, "We are aware of computer issues." "We're looking into it. And of course we're taking additional security safeguards."

          LulzSec has previously claimed responsibility for several hack attacks including a US Senate website, Sonypictures.com and a CIA website as well. Recently, LulzSec said that the group along with online hacktivist group Anonymous would target government agencies in their war against efforts to regulate the Internet.

          Earlier this month, the Spansih police claimed that it had arrested three 'leaders' of the group, which was denied by LulzSec. This week the UK police with the help of the FBI have detained a teenager in connection to the hack attacks by LulzSec. But LulzSec claims that it does not have a centralised structure. Its members are said to be in different countries across the world.

          According to another Reuters report, the NATO suspects that one of its websites was hacked by cyber criminals. The organisation has added that the server that was breached did not contain any classified data. A NATO statement said, "NATO'S e-Bookshop is a separate service for the public for the release of NATO information and does not contain any classified data."

Read More

Update: Ukraine disrupts $72M Conficker hacking ring

          Ukraine's security service SBU said on Thursday it had helped the U.S. Federal Bureau of Investigation and other law enforcement organizations disrupt a cybercrime ring that cost the banking industry more than $72 million using Conficker, a fast-spreading worm unleashed in 2008.

          The SBU said it had interviewed 16 people so far following an international law enforcement investigation into fake antivirus software and online banking fraud. The interviewees indicated they allegedly used the Conficker worm to spread antivirus software, according to a translation of a news release from the SBU. Nineteen raids were conducted on Tuesday in the Ukraine, the SBU said.

          Conficker, also known as "Downandup," was one of the most severe computer security problems in recent years. It took advantage of a vulnerability in Microsoft's software, infecting at least 3 million PCs and possibly as many as 12 million, forming a massive botnet.

          The problem grew so bad that a group of companies and organizations formed the Conficker Working Group in late 2008 to research the malware and find ways to block it. In February 2009, Microsoft offered $250,000 as a reward for information that lead to the conviction of the person or people who wrote Conficker.

          On Wednesday, the FBI said it had worked with law enforcement agencies in the U.K., the Netherlands, Latvia, Germany, France, Lithuania and Sweden to take down two Latvian cybercrime gangs. The groups allegedly made tens of millions of dollars by sneaking fake virus warnings onto victims' computers and then sometimes charging more than $100 for software that supposedly fixed the problems.

          One of the Latvian gangs infected 960,000 computers, costing users $72 million, the same figure as referred to by the Ukrainian authorities on Thursday. The two people arrested in Latvia -- Peteris Sahurovs, 22, and Marina Maslobojeva, 23 -- both face wire fraud and computer fraud charges in the U.S.

Read More

ADAG Group Chairman Anil Ambani's email under phishing attack

          

          Some Unknown hackers attempted a phishing attack in May on Anil Dhirubhai Ambani Group (ADAG) Chairman Anil Ambani's email ID. The hacking case is now being investigated by the cyber crime cell of Mumbai police after ADAG officials registered a complaint. The incident took place on May 8, when Ambani received an email that appeared to have been sent by a journalist of international newswire service Bloomberg. The hacking attempt was revealed when the corporate communication department got in touch with the reporter and he denied sending any such mail.

Read More

Over 90% of companies experience IT security breach: Kaspersky

           70% of companies have anti-malware protection, 3% have no protection at all. Moscow-based computer security company Kaspersky Lab has said that 91% of companies across the world saw an IT security event from an external source in the last 12 months.

           In its report, 'Global IT Security Risks' , Kaspersky said that the most common security threat comes in the form of viruses, spyware and other malicious programs. The survey was conducted by Kaspersky Lab in partnership with research agency B2B International. More than 1,300 IT professionals in 11 countries participated in the survey.

          The study found that 31% of malware attacks resulted in some form of data loss, with 10% of companies reporting the loss of sensitive business data. Kaspersky also said that only 70% of companies have implemented anti-malware protection fully across their businesses, while 3% have no protection at all.

          The level of anti-malware implementation varies from country to country: in emerging markets 65% of companies have adopted it, while in the UK and US levels of implementation stood at 92% and 82% respectively. Despite this, the vast majority of companies still experienced an IT security breach in the last 12 months, and almost a third lost business information, said the company.

          Kaspersky Lab Market Intelligence & Insight director Alexander Erofeev said such an attitude is surprising when it is known that almost half of all organisations see cyber-threats as one of the top-three emerging risks.

           Erofeev said, "The most likely explanation is underinvestment in IT security." The study found that every second company evaluates its IT security budget as insufficient, and estimates that an increase of 25% or more is required. Currently, the average investment in IT security is reported to be $8,055 for small businesses, $83,200 for medium-sized companies and $3,263,476 for large corporations.

           The study also found that almost half of surveyed professionals reported an increase in the number of IT security accidents during the last 12 months. On the contrary, only 8% saw a decrease.

Read More

Microsoft.com Server vulnerable to hackers !!!

          A hacker with Codename "No.One" release some vulnerability regarding Microsoft.com via a pastebin post. We analyse it & Explaining the possible Security Breach. 

          Do you know how hacker get root access on a server If target site is not vulnerable ? Let's See.. Hackers Find a vulnerable site on same server which host target site . Let us suppose we have "Microsoft.com" as target. Now Microsoft.com hosted on 125.5.39.135 , which having two domains on it :
 

          Now We know that Microsoft.com is Secure site, Lets See another site of same host : http://www.dole.gov.ph/ . 
Its Official Website of the Department of Labor and Employment - Republic of Philippines . Is it vulnerable ?  


          Yes ! see : http://www.dole.gov.ph/secondpage.php?id=2113' . Its SQL injection . Now Hacker is able to get database from this site . For example the current database name is "dolews_4a351sd" and Hacker also may be able to upload to upload shell on server using this.
 
          This Attack may lead to rooting of 125.5.39.135 Server, Which also host "Microsoft.com", The Target site. Hackers may be able to deface the site or can steal source code too. 

Read More

UK police arrest British teen over international hacking attacks

          LulzSec denies Cleary is a member of the hacking group.Scotland Yard has said that police, with FBI's inputs, has arrested a 19-year-old man over hacking attacks on businesses and government agencies across the world.

          Though police have not identified him, the teenager has been identified as Ryan Cleary by reports, which add that Cleary was arrested at a house in Wickford, Essex, on suspicion of involvement with the hacker group Lulz Security (LulzSec).

          A police source has confirmed to AFP that arrest of the teen is over LulzSec. The source said, "Yes, the arrest is in connection with the Lulz Security attacks. We believe this to be a significant arrest."
Cleary is being questioned at a central London police station.

           In a statement, Scotland Yard said the "pre-planned, intelligence-led" and "working in cooperation with the FBI" operation followed a series of DDoS attacks. "The arrest follows an investigation into network intrusions and Distributed Denial of Service (DDoS) attacks against a number of international businesses and intelligence agencies by what is believed to be the same hacking group," it said.

          "Searches at a residential address in Wickford, Essex, following the arrest last night have led to the examination of a significant amount of material. These forensic examinations remain ongoing," the statement said.

          However, the hacker group LulzSec has denied any association with Cleary. It has also claimed responsibility for the attacks on two Brazilian government sites which took place after the news of Cleary's arrest broke out. LulzSec tweeted, "Seems the glorious leader of LulzSec got arrested, it's all over now... wait... we're all still here! Which poor bastard did they take down?"

          Hacker group LulzSec is believed to be behind several cyber attacks in the recent months, including the attacks on Sony, the US Senate, the NHS and other security companies linked to the FBI. On Monday it hit the website of Serious Organised Crime Agency (SOCA).

Read More

Mobile security market to be $3.6bn opportunity by 2016

          Less than 1 in 20 smartphones and tablets have third party security software installed in them. The mobile security market will offer a $3.6bn opportunity for security software providers by 2016 as there is an increasing extent to which personal and corporate data is stored on mobile devices and the recognition of the need to protect it, according to Juniper report.

          The report said only 4% smartphones and tablets have third party security software installed in them, despite a steady increase in threats from device loss/theft, malwares and viruses, therefore poses a huge opportunity for mobile security providers.

          The increasing popularity of smartphones and tablets makes mobile security particularly relevant as many users are now accustomed to accessing e-mails, websites and performing online transactions on the move, thereby storing more and more potentially sensitive data.

          Report author Nitin Bhas said they believe that the market for mobile security products will go mainstream by late 2013 as the vulnerability of data centric mobile devices becomes more widely appreciated both in the business and consumer sectors.

          Juniper predicted that consumers will begin to include mobile devices to the list of electronic devices that they must secure, as they currently purchase and install Internet security products for their PCs and laptops.

          Sixty-nine per cent of total mobile security product sales revenue by 2016 will be contributed by enterprise security market for tablets, smartphones and feature phones. The proportion of tablets featuring security product will also increase and will overtake the protected smartphone user levels, as more tablets are expected to be brought into enterprise over the forecast period.

          The report finally concluded that some kind of protection will be installed in 277 million mobile devices by 2016.

Read More

LulzSec Hackers break into US Senate Computers

          The loosely organized hacker group Lulz Security broke into a public portion of the Senate website but did not reach behind a firewall into a more sensitive portion of the network, Martina Bradford, the deputy Senate sergeant at arms.Lulz announced the hack on Monday.
Lulz Security, who have hacked into Sony's website and the U.S. Public Broadcasting System, posted online a list of files that appear not to be sensitive but indicate the hackers had been into the Senate's computer network.

           "We don't like the US government very much," Lulz Security said at the top of their release. "This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen? Problem?"

           The Senate has been the frequent target of hacking attacks, with tens of thousands thwarted each month, Senate Sergeant at Arms Terrance Gainer told Reuters in early June.

           Still, the break-in is just the latest in a series of embarrassing hacks against companies and organizations.

Read More

LulzSec claims CIA website hack

          The CIA's main public facing web site appears to have been taken down by hacking group LulzSec earlier today. The group, which has previously claimed responsibility for hacking into Sony Pictures , tweeted this afternoon about bringing down the CIA site.

          "Tango down - cia.gov - for the lulz," the loosely organized group said in the tweet. As of late this afternoon, the CIA's main website, at www.cia.gov, appeared to be resolving somewhat slowly or not at all in some cases.

          It is not immediately clear if the intrusion resulted in any information being compromised. The CIA hack adds to what has already been a very busy week for LulzSec. The group this week also claimed credit for breaking into servers belonging to the U.S. Senate and to game maker Bethesda Software. A spokesman from the Senate's sergeant at arms had noted that the group had managed to break into an account at a Senator's office and used that access to compromise the Senate server.

          LulzSec, which until recently was a relatively unknown group, also announced earlier this week that it would accept hacking requests from anyone who wanted specific websites targeted. "Call into 614-LULZSEC and pick a target and we'll obliterate it," the group announced on Tuesday. Tweets posted by the group Tuesday and Wednesday suggest that those who dialed the numbers were being automatically redirected to other numbers.

          "Our number literally has anywhere between 5-20 people ringing it every single second. We can forward it anywhere in the world. Suggestions?" LulzSec said in a tweet earlier today. The group dubbed yesterday as Titanic Takeover Tuesday and claimed credit for breaking into several gaming sites including Eve Online, Minecraft and League of Legends. "Welcome to #TitanicTakeoverTuesday where everyone is laughing at crybabies getting Lulz Cannoned!," the group said.

          The continuing string of attacks show "how just about everyone's perimeter defenses are vulnerable to attack," said Josh Shaul, CTO at Application Security Inc. "Security teams need to focus their efforts on securing data where it lives, in the database, instead of continuing in the failed strategy of protecting the borders of the network," he said.

           "Hopefully some good will come from this string of high profile hacks. For a long time organizations have vastly under invested in it security. This could be the inflection point where that all changes," he said.

Read More

PayPal vulnerability: Paypal accounts are safe.

          This has been debunked, Paypal accounts are safe. We’ve spoken in depth to Matt Langley, the person who discovered the supposed issue, and it’s clear why he assumed there was a serious security breach but the issue is far less serious than initially thought.

Matt Langley explains:

          ''It seems that the ‘victim’ had opened an account using an email address of mine, with extra characters thrown in, which Gmail ignores and accepts as the same email address, so it was gmail which uncorrupted the email address and sent the emails to me, not Paypal. I had previously reported an account set-up with fraudulent email address to Paypal many times in the past, but only yesterday noticed that the email address was different to mine, in a way which on any other email system in the world would be a different email address.”

          There is a small vulnerability because Gmail allows you to include dots in your email address, it essentially allows anyone to create multiple Paypal accounts with the same email address because Paypal recognises the inclusion of a dot as a separate email address entirely. It’s seems like a flaw but not a massive security vulnerability. Also Paypal also doesn’t appear to verify email addresses on registration so anyone can create multiple accounts for the same person without any need to click a confirmation link in a verification email. Again, a flaw but not a massive security vulnerability.

          A security vulnerability in PayPal’s systems may make it possible to gain full, unrestricted access to any account within 30 seconds, we’ve heard from Matt Langley of Integrated Computer Enterprises Limited. The vulnerability lies in PayPal’s forgotten password recovery features. Says Langley:

          PayPal sends Password Forgotten Change tokens to unauthorized email addresses instead of the email address on the account. Once you follow the link they email, and change the password, you are given total access to that account. No trickery or sophisticated hacking is required. It’s a bug in their email system that corrupts email addresses.

          Once the attacker has access, there’s nothing restricting their ability to siphon money out of the account. The exploit is, of course, a direct violation of PayPal’s privacy policy and a laundry list of laws, so don’t try this at home — but PayPal needs to act as thieves aren’t particularly concerned with such things.

          After a range of high profile attacks this year, use of this vulnerability would easily topple the Sony PlayStation Network attack as the most significant and damaging of the year. PayPal is used by millions of Internet users to transfer money.

          Our source says that PayPal has been warned previously but ignored his emails. We’ve contacted PayPal on this matter and are awaiting a response.

Read More

Criminals posing as computer security engineers and calling people: Microsoft survey

          Ask for remote access to steal information and banking password. Microsoft has warned English speaking computer users about cyber crooks posing as computer security experts.

          The company has asked people to be suspicious of unsolicited calls related to a security problem, even if they claim to represent a respected company. It has also said that people should note down the caller information from fraud call and pass it to the authorities. A survey into an emerging form of Internet scam, released by Microsoft, found that such scams target English-language markets and cost victims on average $875.

          The scam works by fraudsters posing as computer security engineers. They call people at home and warn them of a security risk in their computers. They then trick users to gain remote access into their computers and steal banking passwords and other information, saying that they are providing free security checks.
 
          The survey was conducted by Microsoft and questioned 7,000 computer users in the UK, Ireland, US and Canada. The survey found that across all four countries, 15% of people had received a call from scammers. The scam is at its peak in Ireland at 26%.

          On an average 22% said they received such calls, and 3% of the total survey sample said they were deceived into following the scammers' instruction. Most of these (79%) revealed that they suffered some sort of financial loss after following the instructions, with 17% saying their money was taken from their accounts, 19% reporting compromised passwords and 17% said they were victims of identity fraud. More than half (53%) had to face subsequent computer problems.

          The survey calculated that in the four countries, the average amount of money stolen was $875. It was $82 in Ireland and $1,560 in Canada. The average cost of repairing damage caused to computers by the scammers was $1,730 -- rising to $4,800 in the US, said the study.

          Microsoft. International Public and Analyst Relations director Richard Saunders said the security of software is improving all the time, but at the same time we are seeing cybercriminals increasingly turn to tactics of deception to trick people in order to steal from them."

          Saunders said, "Criminals have proved once again that their ability to innovate new scams is matched by their ruthless pursuit of our money."

Read More

26,000 sex website passwords exposed by LulzSec!!!

          The notorious LulzSec hacking group has published login passwords for almost 26,000 users of an x-rated porn website. The hackers compromised the database of the hardcore website (called "Pron"), exposing not only the email addresses and passwords of over 25,000 members but also the credentials of 55 administrators of other adult websites.
    
          Furthermore, LulzSec drew particular attention to various government and military email addresses (.mil and .gov) that appeared to have accounts with the porn website.
That must be an embarrassing one to explain to the boss..

          To add insult to injury, the LulzSec group called on its many recent Twitter followers to exploit the situation, by logging into Facebook with the email/password combination and tell the victim's Facebook friends and family about their porn habit.

          It should go without saying that logging into someone else's account without their permission is against the law in most countries around the world.

          Fortunately, it's reported that Facebook's security team responded quickly to the threat - and reset the passwords for all of the accounts it had which matched the email addresses exposed. Of course, it's still possible that those email address/password combinations are being used on other websites.

Read More

Turkey arrests 32 Anonymous hackers for DDoS attacks

           Turkey responded to the hacking group Anonymous with 32 arrests following attacks on government websites, according to the country's state-run news agency. The Anadolu Agency wrote the alleged Anonymous members were arrested in 12 cities, including Ankara and Istanbul.

          Turkey is the latest country to make arrests connected with Anonymous, a decentralized group of activists who conduct distributed denial-of-service attacks (DDoS) against organizations and businesses that the group opposes. The attacks seek to make websites unavailable.

          On Friday, Spain said it concluded its first policing action against Anonymous, arresting three people who allegedly directed DDoS attacks on banks, government websites and companies including Sony.
Also on Friday, Anonymous said through its website, AnonOps Communications, that its attacks against Turkish government websites were in protest of "plans to implement a filter on Internet browsing" in August. Activists took to the streets in 30 cities in Turkey in May to protest the plans.

          "Over the last few years, we have witnessed the censorship taken by the Turkish government, such as blocking YouTube, Rapidshare, Fileserve and thousands of other websites," according to the statement. "Most recently, the government banned access to Google services. These acts of censorship are inexcusable."
Anonymous said the strikes will be executed using the Low Orbit Ion Cannon, an easy-to-use tool for DDoS attacks but one that security experts have said is not difficult for law enforcement to trace who is using it.
Targets included Turkey's telecommunications directorate, which appeared to be offline on Monday morning, and the country's social security institution, Anonymous wrote.

          On Saturday, Anonymous wrote that it had retaliated against Spanish police by launching what it said was a successful DDoS against that organization's website for several hours. The site, however, was functioning on Monday morning.

Read More

NHS loses laptop containing 8 million records...

          Data security under the spotlight once more as sensitive medical information goes missing A laptop containing hospital records of over eight million people has gone missing, according to a report in The Sun.

          The laptop was one of 20 that have gone missing from a store room at London Health Programmes, based at the NHS North Central London health authority. According to the report eight have been recovered with the search ongoing for the other 12. The loss occurred three weeks ago but has only just been reported to the police, according to the report.
  
          One of the missing laptops contained sensitive details of 8.63 million people as well as records of 18 million hospital visits, operations and procedures.
Although the missing data does not include names it does contain postcodes and details such as gender, age and ethnic origin, according to The Sun. Details of cancer, HIV, mental illness and abortions were also contain in the records.

          Information contained on the laptop was not encrypted, which Nick Lowe of security firm Check Point described as "essential" to safeguard personal records.

          "The scale of this potential data loss drives home just how essential it is to have mandatory, strong encryption on all sensitive, personal on laptops and portable storage devices - even if those devices are stored in supposedly secure areas within buildings. Less than half of all UK firms encrypt their laptops, so data security is still being mostly left to chance," he said.

          The Information Commissioner's Office (ICO) is looking into the loss. Chris McIntosh of ViaSat UK called on the organisation to impose meaningful sanctions.

          "The ICO has proven several times that it is willing to impose civil penalties on public sector organisations. It is to be hoped that the ICO acts swiftly and decisively to pass a strong message in this case and that, more importantly, the data on the laptop itself doesn't end up in the wrong hands. If it does, innocent members of the public could find extremely sensitive, personal information that should have been strictly confidential being used against them," he said.

          "When a machine contains highly sensitive information on literally millions of patients, not securing the data on it by any means possible isn't just careless: it's sheer negligence. With the value of the data on such a machine in the tens of thousands of pounds, spending a little extra on security should be a no-brainer," McIntosh added.

Read More

How to change Windows Experience Index (WEI) in Windows 7??

          The Windows System Assessment Tool (WinSAT), is a free benchmarking tool by Microsoft that measures various performance and capabilities of a computer running in Windows 7, Vista and Windows Server 2008. The ratings are displayed as Windows Experience Index (WEI) score which corresponds to the lowest computed subscore. It ranges from 1.0 to 5.9 in Windows Vista and between 1.0 to 7.9 for Windows 7.

          You can see the rating by right-clicking on My Computer Icon >> Properties.

          Type “wordpad” in Start Menu Search > Right-Click > Run as Administrator. Once wordpad opens you’ll noticed that the UI was changed. Just press CTRL+O to browse and open the file Formal.Assessment(Initial).WinSAT

          WinSAT saves the scores in XML file located at Windows\Performance\WinSAT\DataStore folder. Each time you perform benchmarking using WinSAT, it creates a new XML file(s). All you have to do is to open the latest XML file and edit it using WORDPAD.

Once, loaded… Press CTRL+F to find and type WinSPR

Simply change the scores to 7.9 between <WinSPR> and </WinSPR>.
Save it and then view the Windows Experience Index. It would definitely bring a smile on your face. :-)

CONS: Like I said before, Computer stores may trick their customers by editing the WEI scores. So, Please be careful! Always, check them by Re-running WinSAT.
How? Go to Control Panel and open the Performance Information and Tools window.



Click "Re-run the assesment". For laptops, be sure that it is connected in AC source.
Enjoy!

Read More

IMF hit by 'sophisticated cyberattack,' says report

          The International Monetary Fund (IMF) has reportedly been hit with a "large and sophisticated cyberattack" that potentially puts sensitive, confidential data about national economies at risk of exposure.
The scope of the attack remains unknown, according to the New York Times, which broke news of the incident Saturday.

          The newspaper noted that the IMF, which helps manage financial crises around the world, is "the repository of highly confidential information about the fiscal condition of many nations."
The attack took place over the last several months and was disclosed internally by the IMF on Wednesday to its staff and board of directors, said the Times, which cited unnamed senior officials as its source.

 

          An IMF spokesman confirmed to the paper that the fund is investigating an "incident" but declined to give details. The spokesman said the fund remains "fully functional." One unnamed official told the Times it had been a "very major breach."

          The incident is apparently unrelated to the arrest of Dominique Strauss-Kahn, the former head of the IMF who was arrested in New York last month for allegedly sexually assaulting a hotel maid. It also appears unrelated to a March break-in at RSA Security that compromised its SecurID access system, the Times reported.

          The IMF's computer systems include communications with national leaders who have been negotiating the terms of international bailouts, the Times said. One official referred to those agreements as "political dynamite."The paper emphasized that it was unclear what information the hackers were able to access, however. The IMF has not said where the attack originated.

Read More

Rahul Gandhi's email server hacked

           This is one aam admi outreach Rahul Gandhi will not appreciate.

           In April, when the Congress general secretary was in the thick of poll campaigns, hackers broke into two servers created by him for family constituencies in UP. Passwords were illegally accessed and the internet address tweaked to redirect users to an engineering college website. The web servers, amethinet and raebareli, are maintained from Rahul Gandhi's bungalow by his team of technical experts.

           On April 8, some of them noticed suspicious activity in the computer systems. The site was getting redirected and the email accounts had been broken into. They immediately lodged an FIR, stating, "officials found that amethi.net website is not accessible". A case was registered under 66 Information Technology Act. The Special Cell of Delhi Police, which is handling investigations, is now on the lookout for the hacker.

          "Technically, the hacker has cracked the whole domain system of the server and used an email to get the passwords," a senior officer who is part of the investigation said. The hacking reportedly took place between April 4 and 19.

          Sources said the servers and websites at 12 Tughlak Lane had information on the constituencies of Rahul Gandhi and his mother, Congress chief Sonia Gandhi. The young MP's house is also a hub of policymaking for the Youth Congress and the systems store huge databases in terms of constituencies, individuals and trends, they said.

          Amethinet and raebareli were created specifically to address the constituents, but the former, after hacking, opened onto www.pdmce.ac.in, the website of an engineering college in Bahadurgarh, Haryana. When Rahul's team checked the domain name system (DNS) of the website, it showed an IP address different from that of Rahul Gandhi's network. "Amethinet domain is registered with godaddy.com domain and when officials tried to log in to the domain management console, it was not working," the FIR said.

          Email IDs created for password recovery was also hacked. "The login and password for the email was also not working," said the complaint. As experts reset the password for amethi@hotmail.com and accessed the account, they found several suspicious emails. "These emails were sent by domain management console, godaddy.com (of amethinet), to an unknown person on his request regarding password recovery," says the FIR.

          Officials said the recovered emails revealed the times at which the IP address password recovery requests were generated by the hacker. "The unknown hacker has cracked all of our domain management console passwords using password recovery email account amethi@hotmail.com and has made changes in DNS zone files so that it got redirected into some other websites," the FIR said.

Read More

Scammers target Facebook users with surveys and rewards: GFI Software

          Majority of malware threats in May 2011 found to be Trojans. May 2011 was marked by a number of Facebook survey scams trapping users with offers of free airline tickets; exclusive video footage of Osama Bin Laden's death; and threat of rogue antivirus attacks, according to GFI Software.

          Online scammers employed a number of lures to entice victims to participate in their surveys with offers of free merchandise to trick users into reposting messages to their Facebook wall, which then redirect their friends to the same surveys.

          GFI said that those filling out the survey will be on the receiving end of high volumes of spam as any personal information they shared will be exploited by identity thieves, and their PCs will be infected with a broad range of malicious malware.

          In addition, GFI also uncovered a viral spam attack on the popular microblogging site Tumblr. Spammers, taking advantage of the ease of Tumblr's reblog feature, tricked users into reblogging a phony message meant to keep their account from being deactivated.

          GFI has identified top 10 most prevalent malware threats for the month of May 2011 which revealed that the vast majority of malware threats found continue to be Trojans, mostly detected in generic form.
BT Trojan topped the list with 22.51%, cobra Trojan stood second with 3.79% while SB.0 Trojan posted 3.73%.

          GFI Software senior threat researcher Christopher Boyd said surveys are an increasingly common tactic used to disguise a wide range of security threats lurking on Facebook and other social networking sites.
"Scammers also have improved their ability to immediately hijack high-profile news for their attacks and by exploiting breaking and developing news stories, they are catching users off guard," Boyd said.

          "Users should always be wary of promises of free items or sensational content, and they should never share personal and financial information online unless they are dealing directly with a known, trusted and secure website not a Facebook or Twitter post claiming to represent a recognised business or organisation."

Read More

United Nations Children's Fund (UNICEF) Hacked by ZCompany Hacking Crew

           On 6/6/2011 Pakistani hackers group named ZCompany Hacking Crew deface the official website of United Nations Children's Fund (UNICEF) , The Screenshot is as above.
Link : http://unicef.bg/bg
Mirror : http://www.zone-h.org/mirror/id/14163920

Read More

Citigroup breach exposed data on 210,000 customers !!!

          Citigroup admitted Wednesday that an attack on its website allowed hackers to view customers' names, account numbers and contact information such as email addresses for about 210,000 of its cardholders in North America.

          Citigroup did not say how the website, Citi Account Online -- which is used by its customers to manage their cards -- was compromised but that the discovery came through its "routine monitoring." The bank discovered the breach, which was first reported in Thursday's Financial Times, early last month.
Other customer information, such as Social Security numbers, birth dates, card expiration dates and the three-digit code on the back of the card, were not exposed, the company said.

          "Citi has implemented enhanced procedures to prevent a recurrence of this type of event," said Sean Kevelighan, head of communications and public affairs for Citigroup's North America Consumer Banking division in a statement. "For the security of these customers, we are not disclosing further details." The affected customers are being contacted by Citigroup. However, the Citi Account Online website did not have a notification of the breach on its front page on early Thursday morning.

          The Financial Times reported that several card customers only found out about the issue last weekend when transactions using their card were denied, raising questions about Citigroup's notification procedures.
Although hackers may have not gained complete information on cardholders, the contact information is enough for scammers to try and elicit more information through targeted attacks.

          The email addresses, for example, could be used to send "phishing" messages asking for other sensitive information which could potentially give identity thieves enough to start committing fraud. Phishing can also be done over the phone, with the caller impersonating someone in authority and tricking a victim into thinking they're talking to a legitimate financial institution's representative.

Read More

USB Disk Security Full [Registered]

USB Disk Security provides 100% protection against any threats via USB drive, however, the majority of other products are unable even to guarantee 90% protection. USB Disk Security is the best antivirus software to permanently protect offline computer without the need for signature updates, but other antivirus software should update signature database regularly, and they cannot effectively protect offline computer. This light and easy to use solution is 100% compatible with all software and doesn't slow down your computer at all. You pay USB Disk Security once and get it all, however, other antivirus products should be paid for updates every year.

USB Disk Security uses innovative proactive technology to block any threats via USB drive.  There are relatively few products available in shops or on the Internet which offer even close to 100% protection against any malicious programs via USB drive. The majority of products are unable even to guarantee 90% protection. USB Disk Security is the world's best software to block threats via USB drive.
USB Disk Security has been specifically designed to perform effectively regardless of the user's level of computer expertise. Just install and forget it.

DOWNLOAD [4.49mb||WIN7|VISTA|XP]
ARCHIVE PASSWORD : easyhacks.tk

Read More

Delhi University's Control Panel & Fashion TV India's Data Hacked by Moofster

 

           Delhi University's (http://placement.du.ac.in/) & Fashion TV India's  (http://ftv.co.in/)websites are vulnerable to SQL injection. A hacker "Moofster" has been hack the admin panel of Delhi University's website and He also extract the database of Fashion TV India's website, as shown below :

Read More

Nintendo server hacked, consumer data safe...

          LulzSec, the hacking group behind PSB and Sony Pictures hacks, claims responsibility. Japanese manufacturer of hand-held video game players Nintendo has revealed that the security of one of its servers was breached by hackers on 16 May. However, the company added that consumer information was safe.

          Nintendo said a security breach by the same group that targeted Sony in April did not result in stolen data of its customers. The vulnerability has been fixed, added the company. The US unit of Nintendo told Bloomberg that the hack attack on 16 May caused "a server configuration issue that we investigated and resolved a few weeks ago."

          "The server contained no consumer information." Meanwhile, the hacker group LulzSec, which has claimed responsibility for recent data breaches at PSB and Sony Pictures, has also hinted that it was behind the hack attack of Nintendo.

          The group wrote on Twitter, "We're not targeting Nintendo. We like the N64 too much -- we sincerely hope Nintendo plugs the gap." The Wall Street Journal reported that LulzSec had posted a "server configuration file" on the Internet from a Nintendo server.

          Last week, LulzSec had said that it had breached Sony Pictures website to exploit a "primitive" and "insecure" database. However, Nintendo spokesman Ken Toyoda has refused to comment on LulzSec's claims or on the company's response.

          "There has been no significant damage to Nintendo or to our customers," Toyoda said.

Read More

Anonymous Leaks 10,000 E-mails of Iranian Government !!!

           A collection of 10,365 e-mails of the Iranian government were leaked by Anonymous OpIran on June 2, 2011. According to members of Anonymous the files were taken after the hacker accessed the Iranian Passport and Visa Office email center.

         These files consist mostly of the Iranian government alerting individuals of their visa application status. According to a member of Anonymous, the files were aimed more to damage the image of Iran in “both cyber space and the real world.”

           The 63 Mb file was released quietly by Anonymous. It was posted to file-sharing websites across the Internet.

Read More

3 websites hacked by Indian Girl Hacker - TriNitY !!!

         Till now we was just listen about that, some Hackers (boys) do hacks and sites defacements, But wait ! Here we have an Indian Girl with codename "TriNitY" .TriNitY is I think 1st Indian hacker who is in news for defacing some websites. The list of websites hacked by her :


http://demo-l.jahoma.de/administrator/images/index.html
http://www.upes.edu.vn/trinity.htm
http://www.xzdm.gov.cn/trinity.htm 


Sites may get recover, You can check deface page mirror at :
http://mirror.sec-t.net/defacements/?id=28312 
http://mirror.sec-t.net/defacements/?id=27353

Read More

National Informatics Centre (NIC INDIA) got hacked by Anonymous !!!

National Informatics Centre (NIC INDIA) got hacked by Anonymous (India). Purpose of this defacement is just to awake the Govt of India . Anonymous now start Operation India against corruption. Anonymous are world famous activist and always fight against Injustice.

Defaced Site : http://informatics.nic.in/oldnewsonline/abc.html

All Indians and Anonymous are Invited to Join the Revolution against Corruption in India at : http://www.facebook.com/OperationIndia

When corruption, destruction and mayhem strikes from governments or corporations it is the goal of anonymous to awaken that entity and the public that a change must occur.As price pritchet once said, "change always comes bearing gifts."Anonymous is the gift we have been waiting for. Honest and trustworthy persons working hard on our behalf for the betterment of mankind.

Read More

Hackers attack FBI affiliate in response to Pentagon's stand against cyber attacks

          LulzSec targets InfraGard after Nintendo and Sony breached. Hacking group Lulz Security (LulzSec) has reportedly targeted a US private affiliate of the Federal Bureau of Investigation (FBI) in response to Pentagon threats that cyber attacks would be considered acts of war.

          The non-profit organisation InfraGard connects businesses with law enforcement authorities. It said that about 180 passwords belonging to members of its Atlanta chapter were stolen in the hack. LulzSec has also posted copies of the passwords online.

          The FBI affiliate remains clueless about how the hack took place. InfraGard Atlanta president Paul Farley told the AP, "Someone did compromise the website."

          "We do not at this time know how the attack occurred or the method used to reveal the passwords." Meanwhile, LulzSec has claimed that it used one of the passwords to steal 1,000 work and personal emails from the chief executive of Delaware-based data leak intelligence company Unveillance LLC.

          The hacking group, which has claimed responsibility for the recent hacks on Sony, PBS and Nintendo, said that the attack on InfraGard was in response to recent reports that said the Pentagon would consider cyber attacks as acts of war.

Read More

Shahrukh Khan's upcoming Movie - Ra One Official Website hacked !!!

          A hacker with name "Seeker" today hacked into the Cpanel of Shahrukh Khan's upcoming Movie - Ra One Official Website and Deface the main page of site as shown below...

Read More

ACER Hacked : 40,000 Users Data, Source Codes & Server Compromised

          This Week is Really with great UP-DOWNS in Cyber World. Mega hacks like Sony Pictures hacked, Chinese Hacker Cracks 100's of Gmail accounts , Public Broadcasting Service (PBS) Hacked, 10,000 E-mails of Iranian Government Leaked ,etc etc and lots more...
 

          Now here we have the latest Report on Huge Data breach at Server of ACER(Europe) acer-euro.com by well know hacking Group "Pakistan Cyber Army".

          We got mail from PCA that they successfully hacked the FTP of ACER and Stole around 40,000 Users Data, Various Source Codes stored on server.
 
For the Proof PCA provide some Screenshots of Hack :
1.) User data copied from server

 2.) FTP Access on acer-euro.com

 3.) 40,000 Customers data Country Wise

Here is a glimpse of Source code Stealed :

Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "http://localhost/AcerTPM_2005/", "http://localhost/AcerTPM_2005", "{8BF8689E-758D-4538-8158-34C92BD9F512}"
 ProjectSection(WebsiteProperties) = preProject
  SccProjectName = ""$/ASP/ASP 2005/TPM/AcerTPM/AcerTPM_2005", "
  SccAuxPath = ""
  SccLocalPath = "."
  SccProvider = "MSSCCI:Microsoft Visual SourceSafe"
  Debug.AspNetCompiler.VirtualPath = "/AcerTPM_2005"
  Debug.AspNetCompiler.PhysicalPath = "D:\Projects\ASP 2005\TPM\AcerTPM\"
  Debug.AspNetCompiler.TargetPath = "PrecompiledWeb\AcerTPM_2005\"

Read More

U.K. man arrested on Facebook hacking charges

           A 26-year-old U.K. man was arrested Thursday on charges that he tried to hack into the Facebook social-networking site.

          Facebook said it was working with the U.S. Federal Bureau of Investigation (FBI) and London's Metropolitan Police Service. "While no user data was [compromised], we have been working with Scotland Yard and the FBI, as we take any attempt to hack our internal systems extremely seriously,"
The man had been arrested in North Yorkshire Thursday on "suspicion of computer hacking offenses," and was now released on bond.

          It's not clear what the motive for the attack may have been, but Facebook is an attractive target for hackers. Because the site connects people who know and trust each other, it is often targeted by scammers and hackers looking to trick users into clicking on links or installing malicious software. The site also contains a wealth of personal information that could be used in specially targeted spear-phishing attacks. Spear-phishing attacks involve specially crafted e-mail messages that are written to look like they come from someone the victim knows.

         Google confirmed earlier this week that its Gmail service had been targeted by spear-phishing attacks launched out of China. The hackers behind the Gmail incident were trying to break into the accounts of government officials, contractors and activists.

          With more than 500 million users, Facebook is the world's largest social-networking site.

Read More

Sonu Nigam's email account hacked and recovered !!!

          Singer Sonu Nigam pressed the panic button when all his friends started receiving random emails, supposedly from him at a time when he was shooting for a TV show.

          Nigam didn’t want to specify the content of the abusive mails but dismissed them saying that they were ‘unwanted’.

          “The mails were sent to everybody on my address list. I want to apologise to everybody on my contact list — the mails were sent to my colleagues, my seniors and even to people I had not interacted for seven or eight years,” says Nigam.

          The actor has regained control over his email ID and is considering informing the cyber crime cell of the Mumbai police.

          “I have re-set my password and tackled all the security questions. But I still don’t know how many more people have received these mails supposedly from me. I want to clarify that I can never send such mails to them,” he added.

Read More

Police: Man stole nude photos from hacked e-mail accounts

          A 24-year-old Florida man was arrested Thursday on charges that he broke into women's Web mail accounts, looking for explicit photos to post online.

          According to police, Joseph B. Campbell used phishing to trick his victims -- some of whom he knew from high-school -- into divulging their passwords. He'd get email addresses from their Facebook pages, and then send his victims phoney electronic greeting cards that would ask them for login information for Web mail accounts, said Thomas Edwards, chief of police with the Belleair Police Department.

          Once he had a victim's password, he'd then search through her mailbox for sexy photographs, Edwards said. "He would post pictures that might be private in nature to their Facebook profile and he also set up a Web site for those pictures," he said. "They were nude pictures that a female might have sent to her...boyfriend or fiancee."

          Campbell told police he had hacked into between 350 and 500 accounts, Edwards said. As of Friday, police had identified 22 victims, most of whom were in their early 20s.

          Campbell, a temporary computer worker with a large local company, wanted to get people to pay to access his Web site, but police are unsure about his true motives. "We aren't sure if it was for revenge or for some other purpose," Edwards said. "He said he never made any money because the more he thought about it, the more he was afraid that he would be identified. He was doing some things to try and conceal his identity. He never collected any funds."

          Nonetheless, his victims were "devastated" after the compromising photos were posted to their Facebook profiles, Edwards said. "A lot of these women are engaged. One has recently married. They're young professionals and to have something personal in nature become public like this certainly bothers them."
Campbell faces four felony computer crime charges, but he could also face federal charges because some of the victims were out-of-state, Edwards said. The 24-year-old was released on bail Friday and is expected to be formally charged in the next few weeks.

          Campbell isn't the first person to be charged with stealing nude photos from Web mail accounts such as Gmail or Hotmail. Earlier this year, George Bronk, 23, of Citrus Heights, California, pleaded guilty to charges that he hacked into more than 3,200 email accounts looking for explicit photos. He posted many of them to his victims' Facebook pages.
    
          In April, a 26-year-old Minnesota man was charged with stealing private photos of women to post on pornographic Web sites.

          It's not unusual for people to send racy photos of themselves to their lovers. But most people don't realize how easily they can be accessed by others, Edwards said. Accounts "can easily be hacked into and what they think are private or personal things can easily become public or go worldwide," he said. "Don't put anything in your accounts that you wouldn't mind your mother seeing."

Read More