Cyber Security

ZekeB
Posts: 14717
Joined: Mon Oct 12, 2009 10:07 pm
Location: Northwest part of Semi Blue State

Re: Cyber Security

#126

Post by ZekeB » Tue Oct 17, 2017 7:25 am

pipistrelle wrote:
Tue Oct 17, 2017 7:20 am
dubious marketing tactics
This sounds like one.
Anytime someone wants to sell or give me a program that will remove a virus that I may or may not have, I get suspicious. They may be attaching something of their own that will infect your computer in their own way.


Yes, they are real. - Stormy Daniels

Let me finish! - Orly Taitz

RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#127

Post by RTH10260 » Tue Oct 17, 2017 8:49 am

MsDaisy wrote:
Tue Oct 17, 2017 7:02 am
Does this Coinhive thing affect Mac as well as PCs? :confused:
Yes, as it is coded in the browser scripting language JavaScript and runs within the browser.



RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#128

Post by RTH10260 » Tue Oct 17, 2017 2:43 pm

More headache:
Key Reinstallation Attacks
Breaking WPA2 by forcing nonce reuse

Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.
https://www.krackattacks.com/

Note: links in text not carried over, please check article.

Note: Microsoft has just released a fix with the very recent monthly Patch Day release for their WiFi protocol stack.



Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#129

Post by Addie » Tue Nov 21, 2017 7:13 pm

Bloomberg
Uber Concealed Cyberattack That Exposed 57 Million People’s Data

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of his deputies for their roles in keeping the hack under wraps.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.
Adding:
WaPo: Uber waits a year to reveal major hack of customer data


¡Sterngard! come home.

RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#130

Post by RTH10260 » Tue Nov 21, 2017 9:18 pm

Addie wrote:
Tue Nov 21, 2017 7:13 pm
:snippity:
Adding:
WaPo: Uber waits a year to reveal major hack of customer data
According to the WaPo article, an insider job by two (now former) employees. They were paid ransom money to delete the data.



RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#131

Post by RTH10260 » Sat Dec 16, 2017 6:55 pm

ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains
December 13, 2017 By Pierluigi Paganini

ROBOT ATTACK – Security experts have discovered a 19-year-old flaw in the TLS network security protocol that affects many software worldwide.
The security researchers Hanno Böck and Juraj Somorovsky of Ruhr-Universität Bochum/Hackmanit, and Craig Young of Tripwire VERT, have discovered a 19-year-old vulnerability in the TLS network security protocol in the software of several tech giants and open-source projects.

The flaw in RSA PKCS #1 v1.5 encryption affects the servers of 27 of the top 100 web domains, including Facebook and PayPal; it could be exploited by an attacker to decrypt encrypted communications.

The researchers dubbed the flaw ROBOT, which stands for Return Of Bleichenbacher’s Oracle Threat.

“ROBOT is the return of a 19-year-old vulnerability that allows performing RSA decryption and signing operations with the private key of a TLS server.” the researchers explained.

“In 1998, Daniel Bleichenbacher discovered that the error messages given by SSL servers for errors in the PKCS #1 1.5 padding allowed an adaptive-chosen ciphertext attack; this attack fully breaks the confidentiality of TLS when used with RSA encryption.

We discovered that by using some slight variations this vulnerability can still be used against many HTTPS hosts in today’s Internet.”


Today we are still discussing the ROBOT attack because the mitigations drawn up at the time were not enough and many software vendors did not properly implement these protections.

“The real underlying problem here is that the protocol designers decided (in 1999) to make workarounds for using an insecure technology rather than replace it with a secure one as recommended by Bleichenbacher in 1998.” said Young.

http://securityaffairs.co/wordpress/666 ... ttack.html



RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#132

Post by RTH10260 » Sat Dec 16, 2017 7:03 pm

RTH10260 wrote:
Sat Dec 16, 2017 6:55 pm
ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains
:snippity:
This website offers a tool to check your visited websites on this soft spot. 15 free tests offered, then requires a license. Win Mac versions.

https://sslrobot.io/



RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#133

Post by RTH10260 » Sat Dec 16, 2017 7:05 pm

RTH10260 wrote:
Sat Dec 16, 2017 6:55 pm
ROBOT Attack: RSA TLS crypto attack worked against Facebook, PayPal, and tens of 100 top domains
:snippity:
A technical description of this attack (for nerds only) in this PDF:
https://eprint.iacr.org/2017/1189.pdf
Return Of Bleichenbacher’s Oracle Threat
(ROBOT)
https://robotattack.org/

This link also contains a test feature for your target web site.



Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#134

Post by Addie » Thu Jan 25, 2018 3:12 pm

Reuters
Tech firms let Russia probe software widely used by U.S. government

WASHINGTON/MOSCOW (Reuters) - Major global technology providers SAP (SAPG.DE), Symantec (SYMC.O) and McAfee have allowed Russian authorities to hunt for vulnerabilities in software deeply embedded across the U.S. government, a Reuters investigation has found.

The practice potentially jeopardizes the security of computer networks in at least a dozen federal agencies, U.S. lawmakers and security experts said. It involves more companies and a broader swath of the government than previously reported.

In order to sell in the Russian market, the tech companies let a Russian defense agency scour the inner workings, or source code, of some of their products. Russian authorities say the reviews are necessary to detect flaws that could be exploited by hackers. (Graphic: tmsnrt.rs/2sZudWT)

But those same products protect some of the most sensitive areas of the U.S government, including the Pentagon, NASA, the State Department, the FBI and the intelligence community, against hacking by sophisticated cyber adversaries like Russia.

Reuters revealed in October that Hewlett Packard Enterprise (HPE.N) software known as ArcSight, used to help secure the Pentagon’s computers, had been reviewed by a Russian military contractor with close ties to Russia’s security services.


¡Sterngard! come home.

Lani
Posts: 4048
Joined: Fri Nov 16, 2012 4:01 pm
Location: Some island in the Pacific

Re: Cyber Security

#135

Post by Lani » Thu Jan 25, 2018 5:40 pm

:shock:

Does this mean the coup is complete?


Insert signature here: ____________________________________________________

Judge Roy Bean
Posts: 381
Joined: Mon Aug 15, 2016 12:26 pm
Location: West of the Pecos
Occupation: Isn't it obvious?

Re: Cyber Security

#136

Post by Judge Roy Bean » Sat Jan 27, 2018 1:14 pm

I suspect many here are of an age where this might be relevant:

https://krebsonsecurity.com/2018/01/reg ... -guard-up/ :shock:


“Where all think alike, no one thinks very much.”
Walter Lippmann

Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#137

Post by Addie » Mon Jan 29, 2018 10:22 am

Thank you :geezerette:
Judge Roy Bean wrote:
Sat Jan 27, 2018 1:14 pm
I suspect many here are of an age where this might be relevant:

https://krebsonsecurity.com/2018/01/reg ... -guard-up/ :shock:


¡Sterngard! come home.

Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#138

Post by Addie » Mon Jan 29, 2018 10:32 am

Axios
Scoop: Trump team considers nationalizing 5G network ...

Between the lines: A source familiar with the documents' drafting says Option 2 is really no option at all: a single centralized network is what's required to protect America against China and other bad actors. ...

Why it matters: Option 1 would lead to federal control of a part of the economy that today is largely controlled by private wireless providers. In the memo, the Trump administration likens it to "the 21st century equivalent of the Eisenhower National Highway System" and says it would create a “new paradigm” for the wireless industry by the end of Trump's current term. ...

The PowerPoint presentation says that the U.S. has to build superfast 5G wireless technology quickly because “China has achieved a dominant position in the manufacture and operation of network infrastructure,” and “China is the dominant malicious actor in the Information Domain.” To illustrate the current state of U.S. wireless networks, the PowerPoint uses a picture of a medieval walled city, compared to a future represented by a photo of lower Manhattan.

The best way to do this, the memo argues, is for the government to build a network itself. It would then rent access to carriers like AT&T, Verizon and T-Mobile. (A source familiar with the document's drafting told Axios this is an "old" draft and a newer version is neutral about whether the U.S. government should build and own it.)
Adding:
The Hill: FCC chair opposes nationalizing 5G network
Business Insider: The Trump administration is exploring a nationalized 5G wireless network — which would throw the future of the wireless industry into question
Bloomberg: FCC Head and Wireless Lobby Oppose U.S. Bid to Build a 5G Network


¡Sterngard! come home.

RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#139

Post by RTH10260 » Mon Jan 29, 2018 1:07 pm

Addie wrote:
Mon Jan 29, 2018 10:32 am
Axios
Scoop: Trump team considers nationalizing 5G network ...

:snippity:
:snippity:
:brickwallsmall: :brickwallsmall: :brickwallsmall:

So a Republican administration that ought to be following the political guidelines of a "small government", one that has started to decimate its department leadership and encouraged an exodus from its staff, wants to build a telecomm network from scratch? They intend to build a new agency at the bleeding edge of the telecomm industry? Techies under the guidance of bloviating politicians in leading positions? Those that will ask for funds that nobody wants and block what line management asks for development? Create an agency where all the tech knowledge is missing and the only knowledge in R&D is to be located at the existing telecomm companies, where they already have been working for five years on the foundations and implementation of 5G wireless networks. How does one lure those creative minds into a government structure with limited pay and career options?

:brickwallsmall: :brickwallsmall: :brickwallsmall:

PS. yes - I did see the term "nationalizing" - better not think about it when one hears the outcry by Americans who lost their cash when other countries suddenly nationalized their investment.



Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#140

Post by Addie » Sat Feb 10, 2018 10:35 am

New York Times
U.S. Spies, Seeking to Retrieve Cyberweapons, Paid Russian Peddling Trump Secrets

BERLIN — After months of secret negotiations, a shadowy Russian bilked American spies out of $100,000 last year, promising to deliver stolen National Security Agency cyberweapons in a deal that he insisted would also include compromising material on President Trump, according to American and European intelligence officials.

The cash, delivered in a suitcase to a Berlin hotel room in September, was intended as the first installment of a $1 million payout, according to American officials, the Russian and communications reviewed by The New York Times. The theft of the secret hacking tools had been devastating to the N.S.A., and the agency was struggling to get a full inventory of what was missing.

Several American intelligence officials said they made clear that they did not want the Trump material from the Russian, who was suspected of having murky ties to Russian intelligence and to Eastern European cybercriminals. He claimed the information would link the president and his associates to Russia. Instead of providing the hacking tools, the Russian produced unverified and possibly fabricated information involving Mr. Trump and others, including bank records, emails and purported Russian intelligence data.

The United States intelligence officials said they cut off the deal because they were wary of being entangled in a Russian operation to create discord inside the American government. They were also fearful of political fallout in Washington if they were seen to be buying scurrilous information on the president.


¡Sterngard! come home.

gupwalla
Posts: 2779
Joined: Sun Jul 07, 2013 12:57 pm
Location: The mind of Cassandra

Re: Cyber Security

#141

Post by gupwalla » Sat Feb 10, 2018 10:48 am

Hrm. :?:

1. Spies talking to the press. Always worth asking whether the talking is about the spying or part of the spying.

2. You can't 'retrieve' stolen software. You'll maybe get a copy of it, which would confirm who has access to it. That's the most you get.

3. It might be worth $100k to 'make' a suspected spy in hopes he'll be taken out of circulation.

That's the best I've got. Because at face value it's a stupid plan stupidly executed.


In a wilderness of mirrors, what will the spider do beyond the circuit of the shuddering Bear in fractured atoms? -TS Eliot (somewhat modified)

All warfare is based on deception. - Sun Tzu

gupwalla
Posts: 2779
Joined: Sun Jul 07, 2013 12:57 pm
Location: The mind of Cassandra

Re: Cyber Security

#142

Post by gupwalla » Sat Feb 10, 2018 2:12 pm

Statement from CIA office of public affairs:

"The people swindled here were James Risen and Matt Rosenberg. The fictional story that CIA was bilked out of $100,000 is patently false."



Rosenberg is doubling down in the comments. We didn't say CIA was source of the funds, said it was back channels, etc etc blah blah.

Spooks who talk to the press are working an agenda, and good reporters ought to reflect on that before publishing.


In a wilderness of mirrors, what will the spider do beyond the circuit of the shuddering Bear in fractured atoms? -TS Eliot (somewhat modified)

All warfare is based on deception. - Sun Tzu

Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#143

Post by Addie » Sat Feb 10, 2018 2:38 pm

Thanks, Guppy.


¡Sterngard! come home.

RTH10260
Posts: 17671
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#144

Post by RTH10260 » Sat Feb 10, 2018 3:58 pm

gupwalla wrote:
Sat Feb 10, 2018 10:48 am
Hrm. :?:

1. Spies talking to the press. Always worth asking whether the talking is about the spying or part of the spying.

2. You can't 'retrieve' stolen software. You'll maybe get a copy of it, which would confirm who has access to it. That's the most you get.

3. It might be worth $100k to 'make' a suspected spy in hopes he'll be taken out of circulation.

That's the best I've got. Because at face value it's a stupid plan stupidly executed.
The article also notes:
and the agency was struggling to get a full inventory of what was missing.



Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#145

Post by Addie » Sun Feb 11, 2018 10:25 pm

I don't have this straight in my head and it's past my thinking time :yawn: , but according to this DU thread, there's Twitter buzz going on about this story connecting to the Trump boyz and Trump Tower.

---------------

Associated Press
Russian accused of running Dark Web market nabbed in Thailand

BANGKOK -- Police in Thailand announced Friday they have arrested a Russian national accused by U.S. authorities of running an online cybercrime marketplace where everything from stolen credit card information to hardware for compromising ATM machines could be purchased.

Police said that Sergey Medvedev was arrested at his Bangkok apartment on Feb. 2 at the request of U.S. authorities.

The U.S. Justice Department on Wednesday announced indictments against 36 people accused of being active in the Infraud Organization -- founded in 2010 and operated under the slogan "In Fraud We Trust" -- which was an anonymous online forum that the department described as a "one-stop shop for cybercriminals." It said it had nearly 11,000 members who traded more than 4.3 million credit cards, debit cards and bank accounts worldwide, leading to losses of more than $530 million for legitimate users and businesses. ...

Thai Police Maj. Nuthapong Rattanamongkolsak, the arresting officer, said U.S. officials had tracked the group for several years but only recently started to make arrests.

"Before the operation could be ready, they had to recheck their targets in various countries," Nutthapong said, adding that the case against the Infraud Organization began in 2014 when a U.S. Homeland Security officer sent an undercover agent to sign up as a member of the Dark Web forum.


¡Sterngard! come home.

gupwalla
Posts: 2779
Joined: Sun Jul 07, 2013 12:57 pm
Location: The mind of Cassandra

Re: Cyber Security

#146

Post by gupwalla » Tue Feb 13, 2018 10:58 pm

For the sake of completeness, here is a rundown of the CIA side of the "CIA got duped" story reported upthread. This is based on Director Pompeo's testimony before the SSCI on 2/13:
* From the CIA standpoint, these were two separate incidents. One, the CIA was attempting to trace materials stolen from the US government. (Pompeo does not describe the nature of the materials.) Two, the CIA was approached by two individuals proffering allegedly compromising material about President Trump. Pompeo describes the two activities as "unrelated."

* The CIA believes these same two individuals also proffered the compromising materials to Risen and Rosenberg, and I must assume a cover story linking the separate CIA stolen materials investigation. (And hey, there are two of them with similar stories, so there's your Journalistic Standard Two Source Verification.)

* The CIA denies making or offering any payments to those two individuals, either directly or indirectly.

* The CIA denies the stories as written and calls the reporting "ridiculous" and "totally inaccurate."
The stories - as written - are patently ridiculous, so I have to give the upper hand here to the CIA's public version.

I could spin off a few wild speculative guesses as to what is really going on here, but I'm confident that (a) the Risen and Rosenberg stories do not reflect reality and (b) Pompeo's testimony is probably a reflection of the truth. Such is the nature of spycraft.

(Pompeo, for what it is worth, came across as one of the Good Guys at today's SSCI hearing. I was pleasantly surprised.)


In a wilderness of mirrors, what will the spider do beyond the circuit of the shuddering Bear in fractured atoms? -TS Eliot (somewhat modified)

All warfare is based on deception. - Sun Tzu

DejaMoo
Posts: 4062
Joined: Tue Jan 25, 2011 1:19 pm
Occupation: Agent of ZOG

Re: Cyber Security

#147

Post by DejaMoo » Wed Feb 14, 2018 7:40 am

Given that the average Jane/Joe doesn't distinguish between the CIA and the FBI, I wonder if the real goal behind this caper was to make US intelligence agencies look even worse (stupid, incompetent, politically compromised) in the eyes of the American public.



pipistrelle
Posts: 5385
Joined: Wed Oct 19, 2016 11:26 am

Re: Cyber Security

#148

Post by pipistrelle » Wed Feb 14, 2018 7:49 am

DejaMoo wrote:
Wed Feb 14, 2018 7:40 am
Given that the average Jane/Joe doesn't distinguish between the CIA and the FBI, I wonder if the real goal behind this caper was to make US intelligence agencies look even worse (stupid, incompetent, politically compromised) in the eyes of the American public.
I know the difference. Ammon Bundy told me the FBI investigates bureaus.



Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#149

Post by Addie » Wed Feb 21, 2018 9:44 am

The Guardian
Study reveals North Korean cyber-espionage has reached new heights

An increasingly sophisticated North Korean cyber-espionage unit is using its skills to widen spying operations to aerospace and defence industries, a new study has revealed.

FireEye, a US private security company that tracks cyber-attackers around the world, has identified a North Korean group, which it names APT37 (Reaper) and which it says is using malware to infiltrate computer networks.

The report suggests the group has been active since 2012, but has now graduated to the level of an advanced persistent threat.

Until now, the group has substantially focused its cyber-espionage efforts on South Korea, but FireEye outlines evidence that it “has expanded its operations in both scope and sophistication”.

“We assess with high confidence that this activity is carried out on behalf of the North Korean government,” the report says.

The group’s cyber operation is now said to be targeting Japan, Vietnam and the Middle East and is attempting to steal secrets from companies and organisations involved in the chemical, electronics, manufacturing, aerospace, automotive and healthcare industries.


¡Sterngard! come home.

Addie
Posts: 28055
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#150

Post by Addie » Sun Feb 25, 2018 5:50 pm

Business Insider
New York is quietly working to prevent a major cyber attack that could bring down the financial system ...

In 2016, hackers attacked companies in the financial services sector more than companies in any other industry, according to IBM. Over 200 million financial records were breached that year, a 937% increase from 2015. And that's not including the incidents that were never made public.

As hackers become more sophisticated and cyber attacks more routine, New York is on notice. Home to the most valuable stock exchange on Earth, New York City is the financial capital of the world. When the market moves here, it moves everywhere.

So it was no surprise when in September 2016, Gov. Andrew Cuomo announced that the New York State Department of Financial Services (NYDFS) was gearing up to implement sweeping, first-of-their-kind cybersecurity regulations to protect the state's financial services industry — an unprecedented move no other state or federal agency had taken anywhere in the US.

Cybersecurity in New York's financial industry was previously governed by voluntary frameworks and suggested best practices. But the NYDFS introduced, for the first time, regulations that would be mandatory, including charging firms fines if they didn't comply. ...

"My big criticism of the regulations is there's no clear consequence for non-compliance," Tom Boyden, a cybersecurity expert who helps companies defend against cyber attacks, told Business Insider. "If companies don't feel like there's going to be any consequence for any action on their part, companies aren't going to take [the regulations] seriously."


¡Sterngard! come home.
