Syber Group

Is Russia Behind Recent US Malware Attacks?

September 30, 2015 by  
Filed under Computing

It would appear that while the US has been blaming China for all its cyber break-ins, it has been ignoring Tsar Putin’s elite hacking team for the last seven years.

For the past seven years, a cyberespionage group operating out of Russia on the orders of Tsar Putin has been conducting a series of malware campaigns targeting governments, political think tanks and other organizations.

Researchers at F-Secure have been looking into the antics of an outfit called “the Dukes”, which has been active since at least 2008 and has evolved into a methodical developer of “zero-day” attacks. The researchers pulled together their own research with the published work of other security firms to provide a more detailed picture of the people behind a long-running family of malware.

The Dukes specialize in “smash and grab” attacks on networks, but have also used subtle, long-term intrusions that harvested massive amounts of data from their targets.

The group’s targets do include criminal organisations operating in the Russian Federation, which suggests there is some form of policing element to it. But they are mostly interested in Western governments and related organisations, such as government ministries and agencies, political think tanks and governmental subcontractors.

“Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organisations associated with Chechen terrorism; and Russian speakers engaged in the illicit trade of controlled substances and drugs,” the F-Secure team wrote.

The group was named after its earliest-detected malware, known as PinchDuke. Its targets were associated with the Chechen separatist movement. Later that year they were going after Western governments and organisations in search of information about the diplomatic activities of the United States and NATO.

Most of the attacks used spear phishing emails as the means of injecting malware onto targeted systems, but one of their attacks spread malware through a malicious Tor exit node in Russia, targeting users of the anonymising network with malware injections into their downloads.

The targets have always followed Russian government interests. There are a number of Russian-language artifacts in some of the malware, including an error message in PinchDuke. GeminiDuke also used timestamps that were adjusted to match Moscow Standard Time.

Before the beginning of the Ukraine crisis, the group began using a number of decoy documents in spear phishing attacks that were related to Ukraine. They included a letter undersigned by the First Deputy Minister for Foreign Affairs of Ukraine.

However, after the crisis happened, the attacks dropped off, suggesting that it was an intelligence gathering operation. It is also a big operation, which, if operating in Russia, would most likely require state acknowledgement, if not outright support.

Source: http://www.thegurureview.net/computing-category/is-russia-behind-us-malware-attacks.html

Dropbox Beefs Up Security

August 25, 2015 by  
Filed under Around The Net

Two-factor authentication is widely regarded as a best practice for security in the online world, but Dropbox has announced a new feature that’s designed to make it even more secure.

Whereas two-step verification most commonly involves the user’s phone for the second authentication method, Dropbox’s new U2F support adds a new means of authenticating the user via Universal 2nd Factor (U2F) security keys instead.

What that means is that users can now use a USB key as an additional means to prove who they are.

“This is a very good advancement and adds extra security over mobile notifications for two-factor authentication,” said Rich Mogull, Securosis CEO.

“Basically, you can’t trick a user into typing in credentials,” Mogull explained. “The attacker has to compromise the exact machine the user is on.”

For most users, phone-based, two-factor authentication is “totally fine,” he said. “But this is a better option in high-security environments and is a good example of where the FIDO standard is headed.”

Security keys provide stronger defense against credential-theft attacks like phishing, Dropbox said.

“Even if you’re using two-step verification with your phone, some sophisticated attackers can still use fake Dropbox websites to lure you into entering your password and verification code,” the company explained in a blog post. “They can then use this information to access your account.”

Security keys, on the other hand, use cryptographic communication and will only work when the user is signing in to the legitimate Dropbox website.
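The origin binding described above can be sketched in a few lines. This is an added example, not Dropbox's or the FIDO Alliance's code: HMAC stands in for the ECDSA P-256 signature a real U2F key produces, and the origin strings, class and function names are assumptions made for the demo.

```python
import hashlib, hmac, json, os

APP_ID = "https://www.dropbox.com"           # legitimate origin (assumed for the demo)
LOOKALIKE = "https://dropbox-login.example"  # constructed look-alike origin


class SecurityKey:
    """Toy token. HMAC stands in for the per-site ECDSA P-256 key pair of real U2F."""

    def __init__(self):
        self._device_secret = os.urandom(32)

    def _site_key(self, app_id):
        # Key material is derived per application, so every site gets its own key.
        return hmac.new(self._device_secret, app_id.encode(), hashlib.sha256).digest()

    def register(self, app_id):
        # Stand-in for the public key the server stores at enrolment.
        return self._site_key(app_id)

    def sign(self, app_id, client_data):
        return hmac.new(self._site_key(app_id), _signed_bytes(app_id, client_data),
                        hashlib.sha256).digest()


def _signed_bytes(app_id, client_data):
    # Simplified: real U2F also signs a user-presence byte and a counter.
    return hashlib.sha256(app_id.encode()).digest() + hashlib.sha256(client_data).digest()


def browser_sign(key, page_origin, challenge):
    # The browser, not the page, records the origin it is actually showing.
    client_data = json.dumps({"challenge": challenge, "origin": page_origin}).encode()
    return client_data, key.sign(page_origin, client_data)


def server_verify(stored_key, challenge, client_data, signature):
    data = json.loads(client_data)
    if data.get("origin") != APP_ID or data.get("challenge") != challenge:
        return False  # response was produced for another site or another login
    expected = hmac.new(stored_key, _signed_bytes(APP_ID, client_data),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def demo():
    key = SecurityKey()
    stored = key.register(APP_ID)
    genuine = server_verify(stored, "c-123", *browser_sign(key, APP_ID, "c-123"))
    relayed = server_verify(stored, "c-123", *browser_sign(key, LOOKALIKE, "c-123"))
    return genuine, relayed  # (True, False)
```

A typed verification code carries no such origin field, which is why it can be accepted by the real site after being entered on a fake one, while the signed response here is rejected.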

Dropbox users who want to use the new feature will need a security key that follows the FIDO Alliance’s Universal 2nd Factor (U2F) standard. That U2F key can then be set up with the user’s Dropbox account along with any other U2F-enabled services, such as Google.

Google, Dropbox Team Up

July 22, 2014 by  
Filed under Computing

Google, Dropbox and a few other high-tech firms have devised a new way to help protect themselves against patent trolls.

Patent trolls, or “non-practicing entities,” are companies that buy up old patents and try to monetize them by accusing others of infringement. They usually request a one-off licensing fee to end a lawsuit, something many companies reluctantly pay because it’s cheaper than defending the claim.

The practice has become a significant problem in the high-tech field, in part because of the complex nature of modern software and hardware.

In an attempt to stop it, six high-tech companies have banded together to launch the License on Transfer Network, or LOT Network.

Members of Lotnet retain full ownership and licensing rights of their patents, but they agree to provide each other with a royalty-free license should any of the patents ever be sold.

That means if Dropbox, for instance, sells a patent on data storage to a third party, Google and the other members will first receive a license to the technology. That should insulate them from any lawsuits brought by the patent’s new owner.

Besides Google and Dropbox, the launch members include SAP, Canon, Asana and Newegg. They hope the agreement will reduce the nuisance of patent trolling.

“The LOT Network is a sort of arms control for the patent world,” said Allen Lo, deputy general counsel for patents at Google, in a statement. “By working together, we can cut down on patent litigation, allowing us to focus instead on building great products.”

The group is offering membership to other technology companies.

SecurID CRACKED?

May 31, 2012 by  
Filed under Around The Net

An analyst has come up with a technique that clones the secret software token that RSA’s SecurID uses to generate one-time passwords.

Sensepost senior security analyst Behrang Fouladi said that the discovery has important implications for the safekeeping of the tokens. Fouladi demonstrated another way determined attackers could circumvent protections built into SecurID. By reverse engineering software used to manage the cryptographic software tokens on computers running Windows, he found that the secret “seed” was easy for people with control over the machines to locate and copy. He provided step-by-step instructions for others to follow in order to demonstrate how easy it is to create clones that mimic verbatim the output of a targeted SecurID token.

Pentagon Practices Cyberwar

June 23, 2011 by  
Filed under Around The Net

A mock Internet where the Pentagon can practice cyberwar games — complete with software that simulates human behavior under multiple military threat levels — is due to be up and running in a year’s time, according to a published report.

Called the National Cyber Range, the computer network mimics the architecture of the Internet so military planners can study the effects of cyberweapons by acting out attack and defense scenarios, Reuters says.

Planning for the Cyber Range was carried out by Lockheed Martin, which won a $30.8 million Defense Advanced Research Projects Agency (DARPA) grant, and Johns Hopkins University Applied Physics Laboratory, which won $24.7 million.

Cyber Range plans call for the ability to simulate offensive and defensive measures of the caliber that nations might be able to carry out. DARPA wants the range to support multiple tests and scenarios at the same time and to ensure that they don’t interfere with each other. “The Range must be capable of operating from Unclassified to Top Secret/Special Compartmentalized Information/Special Access Program with multiple simultaneous tests operating at different security levels and compartments,” according to DARPA’s announcement of the project.

RSA To Replace SecurID Tokens

June 10, 2011 by  
Filed under Around The Net

In an acknowledgement of the severity of its recent systems breach, RSA Security said Monday that it will replace SecurID tokens for any customer that asks.

Customers have been left to ponder whether or not to trust RSA’s security tokens since March, when the company confirmed that it had been hacked and issued a vague warning to its customers. Then, two weeks ago, government contractor Lockheed Martin was reportedly forced to pull access to its virtual private network after hackers compromised the SecurID technology.

In a letter sent to customers Monday, RSA confirmed that the Lockheed Martin incident was related to SecurID. Information “taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin,” RSA Executive Chairman Art Coviello stated in the letter.

Coviello said the company remains “highly confident in the RSA SecurID product,” but acknowledged that the recent Lockheed Martin attack and general concerns over hacking “may reduce some customers’ overall risk tolerance.”

RIM’s PlayBook Gets Harsh Reviews

April 17, 2011 by  
Filed under Around The Net

RIM’s PlayBook tablet didn’t fare so well with influential technology reviewers who called the iPad competitor a rushed job that won’t even provide RIM’s wildly popular email service unless it’s hooked up to a BlackBerry.

The overwhelmingly bad initial response to a device the company hopes will get it attached to the tablet computing explosion overshadowed a splashy coming-out party in New York Thursday evening, where co-CEOs Jim Balsillie and Mike Lazaridis played up the gadget’s attractiveness with corporate users.

There was little mention of the blistering reviews only hours before.

“RIM has just shipped a BlackBerry product that cannot do email. It must be skating season in hell,” New York Times’ David Pogue wrote in a review published on Thursday.

Research In Motion built its reputation on a BlackBerry email service that it says is so secure that it can’t bow to government requests to tap messages, winning high-profile customers in business, defense and politics before branching out to a wider consumer market.

But the PlayBook, which hits North American store shelves on Tuesday, offers that secure service only in tandem with a BlackBerry. RIM says secure email and other key services will come later, not at launch.
