GCHQ

Gemalto Will Investigate Alleged SIM Card Hack

In-brief: Gemalto said in a statement Friday that it will investigate reports that the company was the victim of a sophisticated campaign of espionage by the U.S. National Security Agency and Britain’s GCHQ. 

NSA Headquarters Fort Meade

How The UK’s HACIENDA Program Targeted Entire Countries

The folks over at Heise/c’t Magazin revealed leaked, classified documents to report on HACIENDA, a GCHQ program to deliver country-wide Internet reconnaissance for so-called “five eyes” nations, including the US (NSA), Canada and Australia. And, as Bruce Schneier points out – its not clear that these documents were from Edward Snowden’s trove of classified NSA materials. HACIENDA involves the large-scale use of TCP “port” scans to profile systems connected to the Internet, in addition to profiling of enabled applications. According to Heise, which published a classified slide deck. GCHQ claimed to have canvassed 27 countries through the program. A list of targeted services includes ubiquitous public services such as HTTP and FTP, SSH (Secure Shell protocol) and SNMP (Simple Network Management Protocol). The Heise report, prepared by Julian Kirsch, Christian Grothoff, Monika Ermert, Jacob Appelbaum, Laura Poitras and Henrik Moltke claim that HACIENDA’s goal was to perform active collection and map vulnerable services across […]

AngryBirds-Halloween

Analysis Finds Blurry Lines Between Rovio, Advertisers

Rovio, the maker of the massively popular Angry Birds, makes no secret about collecting personal data from those who download and play its games. But an analysis from the advanced threat detection firm FireEye is helping to expose the extend of data harvesting, and also to sketch out the blurry line that separates Rovio and third-party advertising networks it contracts with. In a blog post on Thursday, FireEye analysts Jimmy Suo and Tao Wei described the findings of an investigation into the interaction between Rovio’s mobile applications, including the latest version of Angry Birds, and third party ad networks such as Jumptap and Millenial Media. Using FireEye’s Mobile Threat Prevention (MTP), the two gathered and analyzed network packet capture (PCap) information and analyzed the workings of Angry Birds and its communications with third-party ad networks. The two were able to reveal a multi-stage information sharing operation, tracking code paths from the reverse-engineered […]