SurvivalRing

Rich Fleetwood on Survival & Preparedness - Founded/Established 1997

Personal Cybersecurity #39: Daily news

What you need to know for your personal cyber security life…

Number thirty-nine in a semi-regular series of daily reports on current and topical computer threats that may affect your online, or even offline, digital and real life. Why cyber-security on SurvivalRing? Because EVERYTHING you do in your life every day is a part of the cyber world…even your offline plans. So, be aware, and pay attention. The bad guys WILL eventually get around to YOU…personally…so be prepared for it, by staying in the informational loop.

And, just so you know, I’ve got 31 years of IT experience, and my day job is with the State of Wyoming as an Information Specialist. I believe an informed prepper is a BETTER prepper. Information is the life blood of being prepared. Learn more with every article in this continuing series. Please ask questions if you want to learn more…I’m here to help.

# # #

HEADLINES…for this issue…22 articles

  • French Hacker Legion is west’s foremost snoop squad says Robert Gates
  • Monsanto Data Security Breached at Precision Planting
  • Vessel-tracking system vulnerable to denial-of-service, other attacks, researchers say
  • Iranian Hackers Target U.S. Military Officials With Elaborate Social Media Scam
  • DARPA Contest Aims to Create Self-Defending Networks
  • Police: Pair lied in attempt to enter Naperville bank’s back room
  • Meet “Cupid,” the Heartbleed attack that spawns “evil” Wi-Fi networks
  • Why did Microsoft choose to put its cybersecurity accelerator in Israel?
  • ‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge
  • Keeping Up with Cybersecurity Framework
  • American Express issues alert after Anonymous dumps cardholder data
  • Flash Poll: The Hunt For Cyber Talent
  • Hackers put security tool that finds payment card data into their arsenal
  • Exclusive: Inside the FBI’s Fight Against Chinese Cyber-Espionage
  • DUDE, WHERE’S MY CAR? New leccy BMWs have flimsy password security – researcher
  • How IT security experts handle healthcare network access
  • Hacker Who Helped Disrupt Cyberattacks Is Allowed to Walk Free
  • Are Paychecks the Problem? Senate Considers Bonuses for Pentagon’s Cyber Workforce
  • The Escalating US-China Spying War Is McKinsey’s Loss and Huawei’s Gain
  • New banking Trojan ‘Zberp’ offers the worst of Zeus and Carberp
  • LulzSec hacker ‘Sabu’ praised by FBI for helping stop more than 300 cyber attacks
  • F5 Networks Pounces on Fledgling Anti-DDoS Startup Defense.net

# # #

French Hacker Legion is west’s foremost snoop squad says Robert Gates

http://www.theregister.co.uk/2014/05/30/france_a_cyberespionage_threat_says_robert_gates/

  • By Richard Chirgwin
  • The Register
  • 30 May 2014

Former spook and defense department secretary Robert Gates has identified France as a major cyber-spying threat against the US.

In statements that are bound to raise eyebrows on both sides of the Atlantic, Gates (not Bill) nominated French spies as being number two in the world of industrial cyber-espionage.

“In terms of the most capable, next to the Chinese, are the French – and they’ve been doing it a long time” he says in this interview at the Council on Foreign Relations.

Rather than a precis, The Register will give you some of Gates’s (not Bill) words verbatim, starting just after 21 minutes in the video, when he answers a question about America’s recent indictment of five Chinese military hackers.

[…]

# # #

Monsanto Data Security Breached at Precision Planting

http://www.bloomberg.com/news/2014-05-29/monsanto-data-security-breached-at-precision-planting.html

Monsanto Co. (MON)’s data security was breached at its Precision Planting unit, exposing employees and customers to potential misuse of credit card information and tax identification numbers.

Fewer than 1,300 farmer customers were affected by the breach, Christy Toedebusch, a spokeswoman for the St. Louis-based company, said in an e-mail yesterday. Monsanto discovered on March 27 that an outside party had accessed Precision Planting servers, the company said in a May 14 letter to the Office of the Attorney General in Maryland, where 14 state residents may have been affected.

The breach comes as Monsanto and competitors such as DuPont Co. (DD) begin to offer data services to help farmers boost yields with advice on issues such as seed spacing and chemical applications. The aggregation of farmers’ data by multinational agricultural companies is stirring concern about privacy and business risks.

Monsanto, the world’s largest seed company, doesn’t believe the breach was an attempt to steal customer information, Toedebusch said. While the company isn’t aware of any misuse of the information, it notified affected customers and is offering them complimentary credit monitoring services for a year, she said.

[…]

# # #

Vessel-tracking system vulnerable to denial-of-service, other attacks, researchers say

http://news.techworld.com/security/3522313/vessel-tracking-system-vulnerable-to-denial-of-service-other-attacks-researchers-say/

  • By Lucian Constantin
  • Techworld.com
  • 29 May 2014

Inexpensive equipment can be used to disrupt vessel-tracking systems and important communications between ships and port authorities, according to two security researchers.

During the Hack in the Box conference in Amsterdam Thursday, Marco Balduzzi, a senior research scientist at Trend Micro, and independent security researcher Alessandro Pasta described three new attacks against the Automatic Identification System (AIS), which is used by over 400,000 ships worldwide.

AIS supplements information from marine radar systems and sends a ship’s identity, type, position, course, speed, navigational status and safety-related information to other ships, shore stations and aircraft. Port and coastal authorities also use the system to send important traffic information and other data back to the ships.

Balduzzi and Pasta warned last year that the lack of authentication and integrity-checking in the AIS communication protocol could allow pirates, terrorists or other attackers to create ghost vessels or spoof information received by the ships.

[…]

# # #

Iranian Hackers Target U.S. Military Officials With Elaborate Social Media Scam

http://www.defenseone.com/technology/2014/05/iranian-hackers-target-us-military-officials-elaborate-social-media-scam/85417/

  • By Marina Koren
  • National Journal
  • May 29, 2014

It was the “most elaborate social-engineering campaign” these security researchers had ever seen. 

A new report from iSight Partners, a Dallas-based computer-security firm, exposed on Thursday a three-year cyberespionage campaign carried out by Iranian hackers. The digital attacks, which infected about 2,000 U.S. personal computers since 2011, targeted members of the U.S. military and Congress, as well as diplomats, lobbyists, and Washington-based journalists.

The long-term campaign, dubbed “Newscaster” by the security firm, employed a dozen fake social-media accounts on sites such as Facebook, Twitter, and LinkedIn. Hackers sent targets links that, when accessed, would unleash malware. They directed people to fake login screens to steal their user names and passwords. They impersonated journalists and defense contractors, and even set up a fake news website to lure victims.

All signs pointed to Iran as the source. Nicole Perlroth writes in The New York Times:

[…]

# # #

DARPA Contest Aims to Create Self-Defending Networks

http://www.eweek.com/security/darpa-contest-aims-to-create-self-defending-networks.html

  • By Robert Lemos
  • eWEEK.com
  • 2014-06-03

Thirty teams will participate in the Cyber Grand Challenge, aiming to make networks smart enough to detect and repair vulnerabilities before attackers can exploit them.

Aiming to make computer networks and systems self-defending, more than 30 teams will compete in the U.S. government’s first-ever Cyber Grand Challenge, the Defense Advanced Research Projects Agency announced on June 3.

The contest will challenge teams to create systems that can detect vulnerabilities in a network and fix them before attackers can exploit the flaws to penetrate the network and their underlying data stores. Defenders normally need to find flaws, create patches and deploy those software updates to harden their networks against attack. Yet, the process takes time. While more than 80 percent of attacks compromise systems in days, less than 20 percent of incidents are detected by defenders in the same amount of time, according to the latest Data Breach Investigations Report released by communications services firm Verizon.

The Cyber Grand Challenge aims to find a solution to that fundamental imbalance between attackers and defenders, Mike Walker, DARPA program manager, said in a statement announcing the contest.

[…]

# # #

Police: Pair lied in attempt to enter Naperville bank’s back room

http://www.chicagotribune.com/news/local/suburbs/naperville_lisle/chi-police-pair-lied-in-attempt-to-enter-naperville-banks-back-room-20140603,0,1899443.story

  • By Adam Sege
  • Tribune reporter
  • June 3, 2014

Police in Naperville are investigating after a man and woman falsely claimed they worked for a telephone carrier as they asked to be let into a back room of a local bank, authorities said.

Officials in the west suburb said the pair walked into the bank May 28 and asked to be let into a room with telephone equipment, saying they had an appointment to update the bank’s telephone system. When bank officials determined they did not work for the company they claimed to, the pair was turned down and walked away, police said in a news release.

Police describe the man as white, 25 to 35 years old, between 5’7” and 5’10”, with an average build, dark wavy or curly hair and no facial hair. The man was dressed in a dark suit, dark slacks, a white dress shirt and a dark tie, according to police.

The woman is described as black, in her 30s, with an average build, relaxed or permed dark hair and a medium complexion. She wore a business-type suit, a blouse and low heels, and she was carrying a Coach purse, police said.

[…]

# # #

Meet “Cupid,” the Heartbleed attack that spawns “evil” Wi-Fi networks

http://arstechnica.com/security/2014/06/meet-cupid-the-heartbleed-attack-spawns-evil-wi-fi-networks/

  • By Dan Goodin
  • Ars Technica
  • June 2, 2014

It just got easier to exploit the catastrophic Heartbleed vulnerability against wireless networks and the devices that connect to them thanks to the release last week of open source code that streamlines the process of plucking passwords, e-mail addresses, and other sensitive information from vulnerable routers and connected clients.

Dubbed Cupid, the code comes in the form of two software extensions. The first gives wireless networks the ability to deploy “evil networks” that surreptitiously send malicious packets to connected devices. Client devices relying on vulnerable versions of the OpenSSL cryptography library can then be forced to transmit contents stored in memory. The second extension runs on client devices. When connecting to certain types of wireless networks popular in corporations and other large organizations, the devices send attack packets that similarly pilfer data from vulnerable routers.

The release of Cupid comes eight weeks after the disclosure of Heartbleed, one of the most serious vulnerabilities to ever hit the Internet. The flaw, which existed for more than two years in OpenSSL, resides in “heartbeat” functions designed to keep a transport layer security (TLS) connection alive over an extended period of time.

Heartbleed is best known for giving end users the ability to pluck data out of vulnerable servers. But it turns out that the bug can be used to the same effect against virtually any device running an unpatched version of OpenSSL. Cupid streamlines the process of exploiting devices connecting over wireless networks that are secured using the extended authentication protocol (EAP), which many large organizations use to password-protect access.

[…]

# # #

Why did Microsoft choose to put its cybersecurity accelerator in Israel?

http://features.techworld.com/sme/3523085/why-did-microsoft-choose-to-put-its-cybersecurity-accelerator-in-israel/

  • By Sam Shead
  • Techworld
  • 03 June 2014

Microsoft is looking to make friends and partner with innovative tech start-ups across the world through designated spaces known as accelerators.

Accelerators usually offer a fixed-term, cohort-based programme, that includes mentorship and educational components and culminates in a public pitch event or demo day where the start-ups can potentially secure funding.

Microsoft has opened several accelerators for generic tech start-ups over the last couple of years in cities like Berlin, London and Tel Aviv but now it is looking to focus on particular areas where it sees a growing demand. That is why yesterday it announced it is launching a new cybersecurity programme out of its existing Tel Aviv accelerator.

A Microsoft spokesperson said: “Israel is considered a hub of knowledge and excellence in the cyber space, and offers the range we were looking for with relevant start-ups, top-notch mentors and program partners.

[…]

# # #

‘Operation Tovar’ Targets ‘Gameover’ ZeuS Botnet, CryptoLocker Scourge

http://krebsonsecurity.com/2014/06/operation-tovar-targets-gameover-zeus-botnet-cryptolocker-scourge/

  • By Brian Krebs
  • Krebs on Security
  • June 2, 2014

The U.S. Justice Department is expected to announce today an international law enforcement operation to seize control over the Gameover ZeuS botnet, a sprawling network of hacked Microsoft Windows computers that currently infects an estimated 500,000 to 1 million compromised systems globally. Experts say PCs infected with Gameover are being harvested for sensitive financial and personal data, and rented out to an elite cadre of hackers for use in online extortion attacks, spam and other illicit moneymaking schemes.

The sneak attack on Gameover, dubbed “Operation Tovar,” began late last week and is a collaborative effort by investigators at the FBI, Europol, and the UK’s National Crime Agency; security firms CrowdStrike, Dell SecureWorks, Symantec, Trend Micro and McAfee; and academic researchers at VU University Amsterdam and Saarland University in Germany. News of the action first came to light in a blog post published briefly on Friday by McAfee, but that post was removed a few hours after it went online.

Gameover is based on code from the ZeuS Trojan, an infamous family of malware that has been used in countless online banking heists. Unlike ZeuS — which was sold as a botnet creation kit to anyone who had a few thousand dollars in virtual currency to spend — Gameover ZeuS has since October 2011 been controlled and maintained by a core group of hackers from Russia and Ukraine.

Those individuals are believed to have used the botnet in high-dollar corporate account takeovers that frequently were punctuated by massive distributed-denial-of-service (DDoS) attacks intended to distract victims from immediately noticing the thefts. According to the Justice Department, Gameover has been implicated in the theft of more than $100 million in account takeovers.

[…]

# # #

Keeping Up with Cybersecurity Framework

http://www.bankinfosecurity.com/interviews/keeping-up-cybersecurity-framework-i-2329

  • By Eric Chabrow
  • Bank Info Security
  • May 30, 2014

The folks at PricewaterhouseCoopers, after surveying 500 U.S. business, law enforcement and government executives, conclude that the vast majority of cybersecurity programs fall very short of the federal government’s cybersecurity framework goals.

And that observation comes as some critics gripe that the framework is quite basic, too simple to be effective to protect critical infrastructure. That’s an arguable point, one that the framework’s point man, Adam Sedgewick, disputes.

But even if it’s too basic, many see great value in the framework, issued in February as a guide to critical infrastructure owners that they could voluntarily adopt (see NIST Releases Cybersecurity Framework). Are infrastructure owners adopting the framework? That’s a question Rep. Jim Langevin, D-R.I., wants answered, and earlier this week he persuaded his colleagues in the House to support a survey of infrastructure operators to find out just that.

Where are most organizations failing in implementing basic cybersecurity protections? PricewaterhouseCoopers identifies 45 IT security practices, policies and technologies that correspond with the cybersecurity framework, but in only seven of them did at least half of the respondents’ organizations implement those practices, policies and technologies. The seven widely adopted practices, policies and technologies are:

[…]

# # #

American Express issues alert after Anonymous dumps cardholder data

http://www.csoonline.com/article/2304654/hacktivism/american-express-issues-alert-after-anonymous-dumps-cardholder-data.html

  • By Steve Ragan
  • CSO
  • June 2, 2014

In a letter to the California Attorney General’s Office (OAG), American Express says that 76,608 people in the state will get a breach notification letter after some of their data was published by Anonymous Ukraine earlier this year.

In March, Anonymous Ukraine released more than 7 million records as part of a protest against the financial firms that helped “enslave” people the world over.

“After the USA showed its true face when she unilaterally decides which of the peoples to live independently and who under the yoke of the Federal Reserve, we decided to show the world who is behind the future collapse of the American banking system,” Anonymous Ukraine supporters wrote at the time.

In all, they released 3,255,663 records from Visa; 1,778,749 records from MasterCard; 362,132 records from Discover; and 668,279 records from American Express. To date, only American Express has taken notification steps.

[…]

# # #

Flash Poll: The Hunt For Cyber Talent

http://www.darkreading.com/operations/flash-poll-the-hunt-for-cyber-talent-/a/d-id/1269272

  • By Marilyn Cohodas
  • Dark Reading
  • 5/30/2014

Our latest flash poll paints a nuanced picture of how the security skills shortage is playing out in hiring strategies for the SOC. For the Dark Reading security community the Chinese curse, “May you live in interesting times,” has never been more true, at least when it comes to staffing.

According to our latest flash poll, roughly eight out of 10 respondents say their companies are struggling with personnel issues related to the skills of in-house staff, finding qualified candidates for new positions, and having a sufficient budget to hire them.

Worse, nearly a quarter of the security professionals who participated in the report say they are “too underwater” with the daily battle of fighting threats to even take the time to reflect and answer our question.

Not surprisingly, only 13 percent of respondents say that they are not hiring, with a little more than half of that cohort reporting that their staffs and skills sets are adequate. For the rest, where head counts are sufficient, managers struggle to train existing security staff on the critical skills to protect corporate assets. A scant 5 percent of respondents in a hiring mode report having no trouble finding qualified candidates.

[…]

# # #

Hackers put security tool that finds payment card data into their arsenal

http://www.computerworld.com/s/article/9248693/Hackers_put_security_tool_that_finds_payment_card_data_into_their_arsenal

  • By Jeremy Kirk
  • IDG News Service
  • May 30, 2014

Like a crowbar, security software tools can be used for good and evil.

Bootleg versions of a powerful tool called “Card Recon” from Ground Labs, which searches for payment card data stored in the nooks and crannies of networks, have been appropriated by cybercriminals.

This month, the security companies Trend Micro and Arbor Networks published research into point-of-sale malware, which has been blamed for data breaches at retailers such as Target and Neiman Marcus, sparking concerns over the security of consumer data.

Both companies found that unauthorized copies of Card Recon had been incorporated into a malware program and a toolkit designed for finding and attacking POS terminals.

[…]

# # #

Exclusive: Inside the FBI’s Fight Against Chinese Cyber-Espionage

http://www.foreignpolicy.com/articles/2014/05/27/exclusive_inside_the_fbi_s_fight_against_chinese_cyber_espionage

  • By Shane Harris
  • Foreign Policy
  • May 27, 2014

SolarWorld was fighting a losing battle. The U.S. subsidiary of the German solar panel manufacturer knew that its Chinese competitors, backed by generous government subsidies, were flooding the American market with steeply discounted solar panels and equipment, making it practically impossible for U.S. firms to compete. What SolarWorld didn’t know, however, was that at the same time it was pleading its case with U.S. trade officials, Chinese military hackers were breaking into the company’s computers and stealing private information that would give Chinese solar firms an even bigger unfair advantage, including the company’s pricing and marketing strategies.

SolarWorld learned about the hacking not from some sophisticated security software or an outside consultant, but from FBI agents. In early July 2012, they called the company and alerted executives to a “persistent threat, some kind of attack,” said Ben Santarris, SolarWorld’s spokesman, in an interview. Persistent threat is shorthand for hackers who burrow deeply into a computer system to steal information and spy on an organization from within. The FBI didn’t offer any specifics about the nature of the intrusion, Santarris said, but according to a federal indictment made public last week, the bureau determined that SolarWorld had been infiltrated by hackers working for China’s People’s Liberation Army, who were stealing private documents that would be valuable to Chinese state-backed solar companies — the same ones undercutting SolarWorld’s business. Armed with the warning from the feds, SolarWorld tightened up its computer security, and in September 2012, the intrusions appear to have stopped.

That federal investigators already knew SolarWorld had been hacked reveals the extensiveness of the Obama administration’s campaign, mounted almost entirely in secret, to turn the tables on Chinese spies, who U.S. officials say are responsible for nearly $300 billion a year in stolen intellectual property and lost business to American companies, and who have cost Americans jobs.

Interviews with eight current and former U.S. officials who are familiar with the now years-long counterintelligence campaign against China show that the administration has quietly waged a battle on many fronts. In the shadows, U.S. hackers at the National Security Agency (NSA) have broken into Chinese computers in order to find out what information has been stolen from American companies and who in the Chinese government is backing the operations. But closer to home, a team of FBI agents and a little-noticed group of prosecutors at the Justice Department have spent the past two years preparing to launch a more public offensive. This one, which aims to bring criminal charges against foreign government officials — an unprecedented step — relies on sophisticated cybersleuthing and the cooperation of American companies, which are willing to work with federal investigators and explain what damage they suffered as the victims of economic espionage.

[…]

# # #

DUDE, WHERE’S MY CAR? New leccy BMWs have flimsy password security – researcher

http://www.theregister.co.uk/2014/05/27/bmw_password_security_shortcomings/

  • By John Leyden
  • The Register
  • 27 May 2014

Exclusive: New BMW cars have security shortcomings that could allow thieves to pop open a victim’s flash motor from a smartphone.

Ken Munro, a partner at Pen Test Partners, uncovered security issues in the systems that pair the latest generation of beamers with owners’ mobiles. By stringing together the flaws, a crook could open doors, windows and the boot, and leave the lights on for an added headache.

Preliminary findings from the ongoing research – which El Reg passed onto BMW last month – suggest it may be possible to determine the usernames of drivers through social networks, and then use a mix of social engineering and other techniques to gain access to vehicles – or trick BMW into suspending security protections, clearing the way for other attacks.

The car manufacturer said it had passed Munro’s research onto its people in Germany, and played down any risk. “If it was an issue then it’s solved now,” a spokesman told The Register. It’s understood the company has added an extra layer of protection: a new check for a PIN when accessing the mobile application.

[…]

# # #

How IT security experts handle healthcare network access

http://healthitsecurity.com/2014/05/27/how-it-security-experts-handle-healthcare-network-access/

  • By Patrick Ouellette
  • Health IT Security
  • May 27, 2014

Healthcare network security has become more complicated over the years because of the explosion of mobile device connectivity. And because it’s so difficult for healthcare organizations to have a firm grasp on where their perimeters begin and end, they must look for new ways to ensure networks are secure both internally and externally.

Panelists who took part in a talk titled “Data Security in the Cloud: Leveraging the Low-Cost Advantages while Managing Risk” at the recent iHT2 conference in Boston discussed how they perceive healthcare network security and access controls. John Meyers, PhD, Assistant Professor of Medicine and Director of Technology, Department of Medicine, Boston University Medical Center, sparked the talk by explaining how occasionally there’s going to be some protected health information (PHI) out there that shouldn’t be. But if an organization limits the number of users who have access to the data, it can help mitigate those risks.

David Reis, PhD, CISO, VP of IT Governance, PMO and Security at Lahey Health explained how Lahey essentially stopped trusting its inside network two years ago in the same way it doesn’t trust everyone externally. When asked what this change in trust measures meant, Reis said there were a few different considerations involved, starting with no longer trusting internal users.

[…]

# # #

Hacker Who Helped Disrupt Cyberattacks Is Allowed to Walk Free

http://www.nytimes.com/2014/05/28/nyregion/hacker-who-helped-disrupt-cyberattacks-is-allowed-to-walk-free.html

  • By Benjamin Weiser
  • The New York Times
  • May 27, 2014

The New York man whose cooperation helped the authorities infiltrate the shadowy world of computer hacking and disrupt at least 300 cyberattacks on targets that included the United States military, courts and private companies was given a greatly reduced sentence on Tuesday of time served and allowed to walk free.

Federal prosecutors had sought leniency for the hacker, Hector Xavier Monsegur, citing his efforts in helping the Federal Bureau of Investigation take down an aggressive group of hackers who were part of the collective Anonymous, with which he had been involved, and its splinter groups, which had taken credit for attacking government and corporate websites.

Mr. Monsegur’s information, the authorities said, led to the arrest of eight “major co-conspirators,” including Jeremy Hammond, whom the F.B.I. had called its top “cybercriminal target” and who was sentenced to 10 years in prison in November.

The judge, Loretta A. Preska of Federal District Court, gave Mr. Monsegur time served, calling his cooperation “truly extraordinary”; he had spent seven months in custody in 2012.

[…]

# # #

Are Paychecks the Problem? Senate Considers Bonuses for Pentagon’s Cyber Workforce

http://www.defenseone.com/management/2014/05/are-paychecks-problem-senate-considers-bonuses-pentagons-cyber-workforce/85258/

  • By Aliya Sternstein
  • Nextgov
  • May 27, 2014

Current and aspiring Defense Department personnel with cyber skills could see a boost in pay under a Senate 2015 defense policy bill that lawmakers detailed on Friday.

Defense is up against the private sector’s lucrative salaries as it endeavors to boost cyber mission forces. Pentagon Secretary Chuck Hagel recently said these forces, expected to include 1,800 personnel by year’s end, should number 6,000 professionals in 2016.

The Senate Armed Services Committee on Thursday approved a measure that directs each military service to determine “whether recruiting, retention, and assignment of service members with cyber skills requires bonuses or special and incentive pays,” according to the new details. The services would have to report their decisions to Congress by Jan. 31, 2015.

The policy bill, called the National Defense Authorization Act, also directs the services to consider if the cyber battleground warrants new career fields. The question is whether to create names for officer and enlisted specialties that are separate from the existing “communications, signals, and intelligence” specialties.

[…]

# # #

The Escalating US-China Spying War Is McKinsey’s Loss and Huawei’s Gain

http://www.nextgov.com/cybersecurity/2014/05/escalating-us-china-spying-war-mckinseys-loss-and-huaweis-gain/85216/

  • By Heather Timmons
  • Government Executive
  • May 27, 2014

US consultants may be the next victim of the US and China’s escalating battle over cyber-spying. Chinese officials have asked state-owned enterprises to stop employing US consulting companies, the Financial Times reported (paywall), because of fears they are reporting company secrets to the US government.

The ban could boost the business of a company once slammed with allegations of spying for the Chinese by the US government. Equipment maker Huawei gave up on the US market after it was unable to convince the US government it was spying for Beijing, but still grew revenues 8.5% in 2013, as business in Europe and Asia grew.

The new rules come after Beijing forbade Chinese government offices from using Windows 8 last week and said they would vet imported IT equipment, and the US Department of Justice indicted five Chinese army personnel for stealing corporate secrets from US companies. Also last week, China’s Ministry of Finance proposed that foreign accounting firms be banned from working on mainland Chinese accounts without a local partner, a move that could be as much about protecting China’s domestic industry as it is spying concerns.

The most recent ban could have a wide impact, depending on how Beijing decides to define “consulting.” Wall Street’s big investment banks, after all, advise and consult with numerous state-owned enterprise clients in China on everything from raising money to foreign takeovers. Some of the US’s biggest public relations firms have a big presence in China, where they’ve been advising state-owned clients on IPO road shows and presentations to raise foreign capital.

[…]

# # #

New banking Trojan ‘Zberp’ offers the worst of Zeus and Carberp

http://www.computerworld.com/s/article/9248567/New_banking_Trojan_Zberp_offers_the_worst_of_Zeus_and_Carberp

  • By Lucian Constantin
  • IDG News Service
  • May 26, 2014

A new computer Trojan that targets users of 450 financial institutions from around the world appears to borrow functionality and features directly from the notorious Zeus and Carberp malware programs.

The new threat, dubbed Zberp by security researchers from IBM subsidiary Trusteer, has a wide range of features. It can gather information about infected computers including their IP addresses and names; take screen shots and upload them to a remote server; steal FTP and POP3 credentials, SSL certificates and information inputted into Web forms; hijack browsing sessions and insert rogue content into opened websites, and initiate rogue remote desktop connections using the VNC and RDP protocols.

The Trusteer researchers consider Zberp a variant of ZeusVM, a recent modification of the widely used Zeus Trojan program whose source code was leaked on underground forums in 2011. ZeusVM was discovered in February and stands out from other Zeus-based malware through its authors’ use of steganography to hide configuration data inside images.

The Zberp authors use the same technique, which is meant to evade detection by anti-malware programs, to send configuration updates embedded in an image that depicts the Apple logo. However, the new threat also uses hooking techniques to control the browser that seem to have been borrowed from Carberp, another Trojan program designed for online banking fraud whose source was leaked last year.

[…]

 # # #

LulzSec hacker ‘Sabu’ praised by FBI for helping stop more than 300 cyber attacks

http://www.independent.co.uk/life-style/gadgets-and-tech/lulzsec-hacker-sabu-praised-by-fbi-for-helping-stop-more-than-300-cyber-attacks-9438035.html

  • By James Vincent
  • The Independent
  • 27 May 2014

A notorious former member of hacking group Anonymous has been praised by US prosecutors for providing “extremely valuable” assistance to the FBI and thwarting cyber attacks planned by his former associates.

According to court documents Hector Xavier Monsegur, otherwise known as ‘Sabu’, helped law enforcement stop more than 300 separate attacks since his arrest for computer hacking in June 2011.

Mr Monsegur is set to be sentenced today for his involvement in a number of major cyber attacks in the year of his arrest, with prosecutors recommending that he receive a reduced sentence.

In May 2011 Mr Monsegur and five other members of the loosely-defined Anonymous movement formed what court documents describe as “an elite hack collective or ‘crew’ commonly referred to as LulzSec”.

[…]

 # # #

F5 Networks Pounces on Fledgling Anti-DDoS Startup Defense.net

http://www.cio.com/article/753201/F5_Networks_Pounces_on_Fledgling_Anti_DDoS_Startup_Defense.net

  • By John E Dunn
  • CIO.com
  • May 26, 2014

Less than a year on from its launch, DDoS fledgling Defense.Net has been bought by F5 Networks for an undisclosed sum.

There has been a wave of security acquisitions recently, driven by the willingness of investors to cash in at what some now believe is the current high water mark for the security wave of the last five years.

It’s hard to say whether Defense.net has fallen to this trend or whether it’s simply a logical next step to embed the cloud-based DDoS mitigation it offers inside a larger and better-resourced firm that already sells on-premise systems.

Defense.Net’s launch pitch was also about not simply blocking DDoS attacks but doing so in a way that didn’t inadvertently cripple the systems it was supposed to be defending or flood them with false positives. This might be another attraction; as DDoS mitigation has commoditised, vendors have looked for something, anything, to differentiate their offering from the many others out there. Given that its technology is recent, Defense.Net can plausibly offer some of that.

[…]

 # # #

 

Updated: June 4, 2014 — 6:52 pm

The Author

Rich Fleetwood

Rich is the founder of SurvivalRing, now in its 20th year, author of multimedia CDs and DVDs, loves the outdoors, his family, his geeky skill-set, and lives in rural Missouri, just a few miles from the Big Muddy. Always ready to help others, he shares what he learns on multiple blogs, social sites, and more. With a background in preparedness and survival skills, training with county, state, and national organizations, and skills in all areas of media and on air experience in live radio and television, Rich is always thinking about the "big picture", when it comes to helping individuals and families prepare for life's little surprises. Since 1997, he has provided guidance, authentic government survival history, and commentary on why we all need to get ready for that fateful day in the future, when we have to get our hands dirty and step in to save the day. He is an award winning videographer (2005 Telly Award), has received state and national scholarly recognition (2006 New Century Scholar and All USA Academic Team), and is a natural with computers, technology, gadgets, small furry mammals, and anything on wheels. Rich likes making friends, solving problems, and creating solutions to everyday issues. He doesn't mind mixing things up, when there is a teaching moment ready to happen. As a constitutional conservative, he's staying quite busy these days. The SurvivalRing Radio Show at www.survivalringradio.com will be coming back SOON!
