John Lemke

DDoS attacks on major US banks are no Stuxnet-here's why | Ars Technica - 0 views

  • More unusually, the attacks also employed a rapidly changing array of methods to maximize the effects of this torrent of data. The uncommon ability of the attackers to simultaneously saturate routers, bank servers, and the applications they run—and to then recalibrate their attack traffic depending on the results achieved—had the effect of temporarily overwhelming the targets.
  • "This very well could be a kid sitting in his mom's basement in Ohio launching these attacks."
  • "It used to be DDoS attackers would try one method and they were kind of one-trick ponies," Matthew Prince, CEO and founder of CloudFlare, told Ars. "What these attacks appear to have shown is there are some attackers that have a full suite of DDoS methods, and they're trying all kinds of different things and continually shifting until they find something that works. It's still cavemen using clubs, but they have a whole toolbox full of different clubs they can use depending on what the situation calls for."
John Lemke

Acoustic cryptanalysis - 0 views

  • Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away.
  • When I first read the article, I thought it would take some sensitive mics but, quoting the article: "Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour, using the sound generated by the computer during the decryption of some chosen ciphertexts. We experimentally demonstrate that such attacks can be carried out, using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away."
John Lemke

Officials see Iran, not outrage over film, behind cyber attacks on US banks - Open Channel - 0 views

  • The attack is described by one source, a former U.S. official familiar with the attacks, as being "significant and ongoing" and looking to cause "functional and significant damage." Also, one source suggested the attacks were in response to U.S. sanctions on Iranian banks.
  • There was no report of an attack on the New York Stock Exchange.
John Lemke

Kurt Eichenwald Claims Snowden Is A Chinese Spy And Leaks Are Just To Protect Their Cyb... - 0 views

  • And the attempts to tar and feather Ed Snowden continue. The latest is that famed reporter Kurt Eichenwald, who started attacking Ed Snowden months ago, has written up a long speculative article for Newsweek arguing that Ed Snowden has "escalated the cyber war" by giving China the necessary cover it needs to avoid reining in its own cyber attacks
  • That is, if you follow the bizarre logic here, without Snowden, Eichenwald believes that the US would have somehow convinced the Chinese to stop their cyber attack program. And, now because of Snowden, the Chinese can ignore that effort, by pointing out that the US is doing a ton of online hacking too.
  • Again, nearly everything about that statement is ridiculous. He didn't "leave all of the documents in Hong Kong." He provided heavily encrypted versions to a very small number of journalists, and then got rid of the files himself. Eichenwald takes that to mean he "left" them in Hong Kong, based on nothing, and all of this apparently means that Snowden is working for the Chinese (even though he left China pretty quickly).
John Lemke

US banks hit by more than a week of cyberattacks (Update) - 0 views

  • John Lemke: They believe it was not a hacktivist attack because such attacks are usually also associated with a rise in IRC and social network activity from those who would be joining the hacktivist event, and this event had no such spike.
  • Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.
  • only a handful of groups out there that have the technical ability or incentive
  • at least half a dozen banks—including the Bank of America, JPMorgan Chase, and Citigroup—have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.
  • Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.
  • Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.
John Lemke

Java-based malware driving DDoS botnet infects Windows, Mac, Linux devices | Ars Technica - 0 views

  • takes hold of computers by exploiting CVE-2013-2465, a critical Java vulnerability that Oracle patched in June. The security bug is present on Java 7 u21 and earlier. Once the bot has infected a computer, it copies itself to the autostart directory of its respective platform to ensure it runs whenever the machine is turned on. Compromised computers then report to an Internet relay chat channel that acts as a command and control server.
  • The botnet is designed to conduct distributed denial-of-service attacks on targets of the attackers' choice. Commands issued in the IRC channel allow the attackers to specify the IP address, port number, intensity, and duration of attacks.
John Lemke

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks | Ars Technica - 0 views

  • Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.
  • the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.
  • We see this battle or arms race emerging and now it involves some kind of confrontation between the security industry and nation-state sponsored spies
  • Kaspersky officials first became suspicious their network might be infected in the weeks following February's Security Analyst Summit, where company researchers exposed a state-sponsored hacking operation that had ties to some of the developers of Stuxnet. Kaspersky dubbed the highly sophisticated group behind the 14-year campaign Equation Group. Now back in Moscow, a company engineer was testing a software prototype for detecting so-called advanced persistent threats (APTs), the type of well-organized and highly sophisticated attack campaigns launched by well-funded hacking groups. Strangely enough, the developer's computer itself was having unusual interactions with the Kaspersky network. The new APT technology under development, it seemed, was one of several things of interest to the Duqu attackers penetrating the Kaspersky fortress. "For the developer it was important to find out why" his PC was acting oddly, Kamluk said. "Of course, he did not consider that machine could be infected by real malware. We eventually found an alien module that should not be there that tried to mask behind legitimate looking modules from Microsoft. That was the point of discovery."
  • What they found was a vastly overhauled malware operation that made huge leaps in stealth, operational security, and software design. The Duqu actors also grew much more ambitious, infecting an estimated 100 or so targets, about twice as many as were hit by the 2011 version.
  • So the Duqu 2.0 attackers pulled an audacious feat that Kaspersky researchers had never seen before. Virtually all of the malware resided solely in the memory of the compromised computers or servers. When one of them was restarted, the infection would be purged, but as the rebooted machine reconnected to the network, it would be infected all over again by another compromised computer in the corporate network. The secret lynchpin making this untraceable reinfection scheme possible was the Windows vulnerability Microsoft patched only Tuesday, which has been designated
John Lemke

Destructive cyber attack inevitable: NSA chief - 0 views

  • The US National Security Agency (NSA) chief General Keith Alexander, pictured here in 2010, on Thursday urged top computer security specialists to harden the nation's critical infrastructure against inevitable destructive cyber attacks. LUMPY HAS NOTES BELOW THIS QUOTE: Ties in with Stuxnet and Anonymous and Antonymous having Stuxnet. Might make a nice security and malware 30 news show.
John Lemke

Leaked Snowden documents detail NSA's plans for 'millions' of malware attacks | The Verge - 0 views

  • A program known as TURBINE, first revealed last year, is meant to dramatically speed the process: one document says it will "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually."
  • The scaling process, according to Greenwald, started in 2004, when the NSA operated only 100 to 150 software implants. The number of implants used in the years between 2010 to 2012, by contrast, is described as numbering in the tens of thousands.
John Lemke

Active malware operation let attackers sabotage US energy industry | Ars Technica - 0 views

  • Researchers have uncovered a malware campaign that gave attackers the ability to sabotage the operations of energy grid owners, electricity generation firms, petroleum pipelines, and industrial equipment providers.
  • the hacking group managed to install one of two remote access trojans (RATs) on computers belonging to energy companies located in the US and at least six European countries, according to a
  • Called Dragonfly
  • "This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems," the Symantec report stated. "While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."
  • been in operation since at least 2011
  • "The Dragonfly group is technically adept and able to think strategically," the Symantec report stated. "Given the size of some of its targets, the group found a 'soft underbelly' by compromising their suppliers, which are invariably smaller, less protected companies."
John Lemke

Stealing Encryption Keys Just by Touching a Laptop - 0 views

  • A team of computer security experts at Tel Aviv University (Israel) has come up with a new potentially much simpler method that lets you steal data from computers — Just Touch it — literally.
  • In order to victimize any computer, all you need to do is wear a special digitizer wristband and touch the exposed part of the system. The wristband will measure all the tiny changes in the ground electrical potential that can reveal even stronger encryption keys, such as a 4,096-bit RSA key.
  • in some cases, you don't even have to touch the system directly with your bare hands. You can intercept encryption keys from attached network and video cables as well. Researchers called it a side-channel attack.
  • The actual attack can be performed quickly. According to the research, "despite the GHz-scale clock rate of the laptops and numerous noise sources, the full attacks require a few seconds of measurements using medium frequency signals (around 2 MHz), or one hour using low frequency signals (up to 40 kHz)."
John Lemke

The NSA Uses Powerful Toolbox in Effort to Spy on Global Networks - SPIEGEL ONLINE - 0 views

  • According to internal NSA documents viewed by SPIEGEL, these on-call digital plumbers are involved in many sensitive operations conducted by American intelligence agencies. TAO's area of operations ranges from counterterrorism to cyber attacks to traditional espionage. The documents reveal just how diversified the tools at TAO's disposal have become -- and also how it exploits the technical weaknesses of the IT industry, from Microsoft to Cisco and Huawei, to carry out its discreet and efficient attacks. The unit is "akin to the wunderkind of the US intelligence community," says Matthew Aid, a historian who specializes in the history of the NSA. "Getting the ungettable" is the NSA's own description of its duties. "It is not about the quantity produced but the quality of intelligence that is important," one former TAO chief wrote, describing her work in a document. The paper seen by SPIEGEL quotes the former unit head stating that TAO has contributed "some of the most significant intelligence our country has ever seen." The unit, it goes on, has "access to our very hardest targets."
  • Page one of a good three-page read on just how extensive the government's illegal spying operations actually are... the worst part is just how extensive the portions of it we know about are!
John Lemke

NSA's bulk phone data collection ruled unconstitutional, 'almost Orwellian,' by federal... - 0 views

  • “The government does not cite a single case in which analysis of the NSA’s bulk metadata collection actually stopped an imminent terrorist attack,” the judge wrote.
  • “Given the limited record before me at this point in the litigation – most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics – I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism.”
  • “I acted on my belief that the NSA's mass surveillance programs would not withstand a constitutional challenge, and that the American public deserved a chance to see these issues determined by open courts,” Snowden wrote. “Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans’ rights. It is the first of many.”
John Lemke

Shellshock: Code injection vulnerability found in Bash | LIVE HACKING - 0 views

  • A code injection vulnerability in the Bourne again shell (Bash) has been disclosed on the internet. If exploited then arbitrary commands can be executed, and where Bash is used in relation to a network service, for example in CGI scripts on a web server, then the vulnerability will allow remote code execution.
  • The problem is that Bash does not stop after processing the function definition; it continues to parse and execute any shell commands following the function definition
  • The vulnerability is deemed as critical because Bash is used widely on many types of UNIX-like operating systems including Linux, BSD, and Mac OS X.
  • The most prominent attack vector is via HTTP requests sent to CGI scripts executed by Bash. Also, if SSH has been configured to allow remote users to run a set of restricted commands, like rsync or git, this bug means that an attacker can use SSH to execute any command and not just the restricted command.
John Lemke

Hackers Using 'Shellshock' Bash Vulnerability to Launch Botnet Attacks - 0 views

  • Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well.
  • the vulnerability is already being used maliciously by the hackers.
  • There is as of yet no official patch that completely addresses both vulnerabilities, including the second, which allows an attacker to overwrite files on the targeted system.
  • It's things like CGI scripts that are vulnerable, deep within a website (like CPanel's /cgi-sys/defaultwebpage.cgi)," Graham wrote in a blog post. "Getting just the root page is the thing least likely to be vulnerable. Spidering the site and testing well-known CGI scripts (like the CPanel one) would give a lot more results—at least 10x." In addition, Graham said, "this thing is clearly wormable and can easily worm past firewalls and infect lots of systems. One key question is whether Mac OS X and iPhone DHCP service is vulnerable—once the worm gets behind a firewall and runs a hostile DHCP server, that would be 'game over' for large networks."
  • 32 ORACLE PRODUCTS VULNERABLE
  • PATCH ISSUED, BUT INCOMPLETE
  • "Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well."
John Lemke

FBI pushes for surveillance backdoors in Web 2.0 tools - 0 views

  • The FBI pushed Thursday for more built-in backdoors for online communication, but beat a hasty retreat from its earlier proposal to require providers of encrypted communications services to include a backdoor for law enforcement wiretaps. LUMPY HAS NOTES BELOW: ties in with security and cyber attack... use it as excuse.