Skip to main content

Home/ Indie Nation/ Group items tagged campaign

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
John Lemke

Active malware operation let attackers sabotage US energy industry | Ars Technica - 0 views

arstechnica.com/...rs-sabotage-us-energy-industry

2014 indienationnews malware energy industry cuberattack hacking security

shared by John Lemke on 30 Jun 14 - No Cached
  • Researchers have uncovered a malware campaign that gave attackers the ability to sabotage the operations of energy grid owners, electricity generation firms, petroleum pipelines, and industrial equipment providers.
  • the hacking group managed to install one of two remote access trojans (RATs) on computers belonging to energy companies located in the US and at least six European countries, according to a
  • Called Dragonfly
  • ...3 more annotations...
  • "This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems," the Symantec report stated. "While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."
  • been in operation since at least 2011
  • "The Dragonfly group is technically adept and able to think strategically," the Symantec report stated. "Given the size of some of its targets, the group found a 'soft underbelly' by compromising their suppliers, which are invariably smaller, less protected companies."
John Lemke

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks | Ars Technica - 0 views

arstechnica.com/...-months-tapped-iran-nuke-talks

2015 kaspersky iran ars stuxnet malware cyber warfare espionage blackhat attack virus zero-day

shared by John Lemke on 10 Jun 15 - No Cached
  • Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.
  • the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.
  • We see this battle or arms race emerging and now it involves some kind of confrontation between the security industry and nation-state sponsored spies
  • ...3 more annotations...
  • Kaspersky officials first became suspicious their network might be infected in the weeks following February's Security Analyst Summit, where company researchers exposed a state-sponsored hacking operation that had ties to some of the developers of Stuxnet. Kaspersky dubbed the highly sophisticated group behind the 14-year campaign Equation Group. Now back in Moscow, a company engineer was testing a software prototype for detecting so-called advanced persistent threats (APTs), the type of well-organized and highly sophisticated attack campaigns launched by well-funded hacking groups. Strangely enough, the developer's computer itself was having unusual interactions with the Kaspersky network. The new APT technology under development, it seemed, was one of several things of interest to the Duqu attackers penetrating the Kaspersky fortress. "For the developer it was important to find out why" his PC was acting oddly, Kamluk said. "Of course, he did not consider that machine could be infected by real malware. We eventually found an alien module that should not be there that tried to mask behind legitimate looking modules from Microsoft. That was the point of discovery."
  • What they found was a vastly overhauled malware operation that made huge leaps in stealth, operational security, and software design. The Duqu actors also grew much more ambitious, infecting an estimated 100 or so targets, about twice as many as were hit by the 2011 version.
  • So the Duqu 2.0 attackers pulled an audacious feat that Kaspersky researchers had never seen before. Virtually all of the malware resided solely in the memory of the compromised computers or servers. When one of them was restarted, the infection would be purged, but as the rebooted machine reconnected to the network, it would be infected all over again by another compromised computer in the corporate network. The secret lynchpin making this untraceable reinfection scheme possible was the Windows vulnerability Microsoft patched only Tuesday, which has been designated
John Lemke

A small-town theater campaign's larger projections - latimes.com - 0 views

www.latimes.com/...eater-20121231,0,6750234.story

2013 campaign theater business businessmodel newmediaorder film movieindustry newbusinessmodel

shared by John Lemke on 07 Jan 13 - No Cached
  • They ran models of Nelson's subscription-based theater idea, showing that to break even they would need 3,000 people, or 15% of the mountain communities, to sign up. For $19.95 per month, a member would be able to see each movie one time and buy individual tickets for friends. Non-members could buy a $16 day pass.
  • While researching the theater business, Nelson learned that studios are transitioning to digital distribution. Thousands of independent theaters that couldn't afford equipment upgrades have closed over the last 10 years, according to industry experts. Hundreds of others — which, like the Met, still show print films — remain on the brink. The subscription business model could pay for the new equipment.
  • The tricky part of the membership-model calculation is that box-office totals are based on ticket sales, and distribution deals for a movie include a percentage of each ticket sold. But Met members would scan magnetic cards to record attendance totals for each film. In the end, the success of the venture may come down to whether major studios are willing to negotiate contracts without traditional tickets being sold. But first, success depends on signing up members.
  • John Lemke on 07 Jan 13
     
    "They ran models of Nelson's subscription-based theater idea, showing that to break even they would need 3,000 people, or 15% of the mountain communities, to sign up. For $19.95 per month, a member would be able to see each movie one time and buy individual tickets for friends. Non-members could buy a $16 day pass."
John Lemke

Paul Foot award: Guardian wins special investigation prize for Snowden files | Media | ... - 0 views

www.theguardian.com/...t-award-guardian-snowden-files

2014 indienationnews guardian award Paul Foot Award Snowden

shared by John Lemke on 26 Feb 14 - No Cached
  • Guardian journalists have been recognised at the Paul Foot award 2013 for their work on the investigation into what files leaked by Edward Snowden revealed about the extent of mass surveillance by British and US intelligence agencies.
  • The £2,000 special investigation award,
  • Private Eye and the Guardian set up the Paul Foot award in 2005 in memory of the campaigning journalist, who died in 2004.
  • ...1 more annotation...
  • Ian Hislop, the editor of Private Eye, said: "The results of the Paul Foot award are a closely kept secret. Unless you work in GCHQ when you presumably have known for weeks. However what is not a secret is how impressive the entries are this year, how resilient investigative journalism is proving to be and how optimistic this made the judges feel."
John Lemke

Uroburos Rootkit: Most sophisticated 3-year-old Russian Cyber Espionage Campaign - The ... - 0 views

thehackernews.com/...tkit-most-sophisticated-3.html

rootkit russian espionage 2014 indienationnews hacker technology tech security malware

shared by John Lemke on 05 Mar 14 - No Cached
  • The researchers claimed that the malware may have been active for as long as three years before being discovered and appears to have been created by Russian developers.
  • The two main components of Uroburos are - a driver and an encrypted virtual file system, used to disguise its nasty activities and to try to avoid detection. Its driver part is extremely complex and is designed to be very discrete and very difficult to identify.
  • The virtual file system can’t be decrypted without the presence of drivers, according to the Gdata’s analysis explained in the PDF.
  • ...2 more annotations...
  • we assume that the group behind Uroburos is the same group that performed a cyberattack against the United States of America in 2008 with a malware called Agent.BTZ
  • The attacks carried out with Uroburos are targeting government institutions, research institutions, intelligence agencies, nation states, research institutions or companies dealing with sensitive information as well as similar high-profile targets. The oldest drivers identified by the researchers was compiled in 2011 is the evidence that the malware was created around three years ago and was undetected.
1 - 5 of 5
Showing 20 items per page