Items Tagged with "Attacks"
September 11, 2012 Added by:Richard Stiennon
Forcing utility operators, banks, and earth resources companies to comply with frameworks based on outmoded asset and vulnerability methodologies will distract them from implementing threat based defenses. The Executive Order, if issued, will do much more harm than good...
September 10, 2012 Added by:Brent Huston
Our testing of the “rdp-sec-check” tool showed it to be quite useful in determining the configuration of exposed Terminal Services and in hardening them. Keep in mind, it is likely useful to harden the Terminal Services implementations internally to critical systems as well...
September 10, 2012 Added by:Pierluigi Paganini
The attacks appeared to be originated in China and aimed at dozens of other organizations who were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...
September 07, 2012 Added by:Scot Terban
Pandora’s box has been opened. All the players are taking the field, and many of them may not be ready to play a proper game… Shamoon did it’s thing, but it seems to be more a brute force tool than an elegant piece of code and a slick plan. The blowback though is yet to be determined...
September 05, 2012 Added by:Rafal Los
Only after many years of beating the drum that non-security professionals are waking up to the fact that security cannot be an after-thought in development. It'll take another five years before business executives are comfortable with the notion that they will be breached...
September 04, 2012 Added by:Pierluigi Paganini
We can continue to the bitter end, but the lesson we must learn is that Anonymous has now become a part of our daily life, an element with which every security expert will have to face sooner or later. Continuing to ignore the phenomenon of hacktivism is very dangerous...
August 30, 2012 Added by:Richard Stiennon
An international treaty and regulatory body will not gain much traction in the military academies and think tanks around the world. Why restrict a nation’s options in war fighting – especially when cyber weapons are inexpensive and could reduce the overall level of force required to achieve an end goal?
August 30, 2012 Added by:Infosec Island Admin
W32.DistTrack, also known as “Shamoon,” is an information-stealing malware that also includes a destructive module. Shamoon renders infected systems useless by overwriting the Master Boot Record (MBR), the partition tables, and most of the files with random data. Once overwritten, the data are not recoverable...
August 29, 2012 Added by:Dan Dieterle
With all the media hype over Stuxnet, cyber war and cyber weapons – should US citizens be legally allowed to own and use these weapons in accordance with their 2nd Amendment rights? Why shouldn’t Americans be allowed to actively defend themselves against online electronic risks as well as physical threats?
August 28, 2012 Added by:Jeffrey Carr
Iran is at the center of every significant aspect of this attack. It is the only nation with access to the original Wiper virus from which Shamoon was copied. Perhaps Iran has learned something from Russia about the strategy of misdirection via the government's recruitment of patriotic hackers...
August 28, 2012 Added by:Pierluigi Paganini
“As a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact... I was able to get inside his nets, infect his command-and-control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations...”
August 28, 2012 Added by:Joel Harding
So what is cyberwar? Most people feel that some country is going to launch attacks against another, trying to blind their military, mute the government and make life incredibly miserable for their citizens. If the attack is successful, part of the economic base will probably be permanently destroyed...
August 28, 2012 Added by:Infosec Island Admin
ICS-CERT onsite analysis included a search for host-based and network-based indicators to identify additional hosts for further analysis. ICS-CERT hashed files from approximately 1700 machines and compared them to hashes of known malicious files and examined proxy logs to identify any suspicious network activity...
August 27, 2012 Added by:Don Eijndhoven
XDocCrypt/Dorifel is a new trojan that encrypts executables, Excel- and Word files that it finds on USB drives and network disks, causing companies to come to a grinding halt after infection. What worries me most is it’s being delivered by systems previously infected with the Citadel/Zeus trojan...
August 27, 2012 Added by:Jeffrey Carr
Most security operations centers are monitoring for an APT-style attack and their defensive tactics are geared towards interrupting it by use of an "intrusion kill chain". The attack on Saudi Aramco didn't fit this model, and hence would have been completely missed by most of the world's largest companies...
August 27, 2012 Added by:Scot Terban
As the complexity of attacks grow at a rate outstripping the pace of Moores Law, defenders have to take up a more nuanced approach to protecting their environments. Reliance on technical solutions alone is not tenable, you have to look at the creature behind the keyboard to get a better picture of the attack...