Honda halts Japan car plant after WannaCry virus hits computer network
http://reut.rs/2sU6jvK
South Korean hosting co. pays $1m ransom to end eight-day outage
Criminals were talked down from 4.4M USDs...
https://www.theregister.co.uk/2017/0...a_pays_ransom/
Last edited by OUTLAW 09; 06-20-2017 at 06:54 AM.
Honda halts Japan car plant after WannaCry virus hits computer network
http://reut.rs/2sU6jvK
Nuclear war fears had a public component of "duck and cover".
Cyber war fears should have a public component of "patch and update".
Here in NZ, due to our recent and serious seismic activity, we've had a national resilience campaign for personal preparation in case of a future disaster.
I believe strongly that we are well past the point where we should be conducting national continuous "patch and update" campaigns, to the point of aggressive nudging behaviour in perpetual pursuit of herd device immunity.
"Loose lips sink ships" for the age of interconnectivity.
Quantum entanglement as a means of potential cyber/coms resilience:
https://www.scientificamerican.com/a...ntum-internet/
I knew quantum computing would be an eventual game changer with even recent 1024 bit encryption, but was unaware of quantum entanglement being used as a potential tool to defend against hacking and cracking.
It's way over my head, but Moore's Law continues on its 52 year relentless journey.
A cyber attack the world isn't ready for
https://www.nytimes.com/2017/06/22/t...erweapons.html
Wannacry is the focus, but Doublepulsar backdoor may be a bigger threat
BTW...while the US Congress approved 200M USDs to fight Russian info warfare BUT US social media FB, Twitter, Instagram and others seem to be unable to control hate, violence and propaganda being posted minute by minute EVEN though they admit they could....
BTW...the Trump government has promised a propaganda pushback but not spent a single cent of the 200M USD...
BTW...the Germans have effectively told the US social media companies to either control what they know they can actually control and if not then 50K Euros per violation.....ACTUALLY not a problem for them to pay the fines as they make billions.....
At least the Germans are doing something compared to the apparent inaction of Trump who has 200M USDs to spend in this effort....
Last edited by davidbfpo; 06-25-2017 at 12:33 PM. Reason: brevity
Snapchat launches new feature that lets people know where you are at any moment
Not good for your own personal safety....
A former employee was sentenced to one year and one day in prison for damaging the IT networks of several water utility providers across the US East Coast.
http://securityaffairs.co/wordpress/...ks-hacked.html
Adam Flanagan (42) of Bala Cynwyd, PA was sentenced to one year and one day in prison by a Pennsylvania court for damaging the IT networks of several water utility providers across the US East Coast.
The news was reported by Bleeping Computer, the man worked between November 2007 and November 2013 as engineer for an unnamed company that manufactured smart water, electric, and gas readers.
Among the Flanagan’s tasks, there was the set up of Tower Gateway Basestations (TGB) for the customers, which were mainly water utility networks.
The Tower Gateway Basestations are essential components for water facility networks composed of smart meters installed at people’s homes that exchange data with water facility operators’ systems.
These networks allow water facility operators to collect consumption data and check the status of the installs at the customers’ homes.
On November 16, 2013, the company fired Flanagan for undisclosed reasons, then the man decided to punish the company by shutting down the TGB stations paralyzing the water facility networks of the company customers. Flanagan also changed passwords on some TGBs, using offensive words.
The utility providers had to send out employees at customer homes to collect monthly readings about their consumption.
“According to court documents, the FBI tracked down Flanagan’s actions to six incidents in five cities across the US East Coast: Aliquippa (Pennsylvania), Egg Harbor (New Jersey), Kennebec (Maine), New Kensington (Pennsylvania), and Spotswood (New Jersey).” reported Catalin Cimpanu from Bleepingcomputer.
The investigators were able to identify the former employee as the responsible of the incidents, then the US authorities filed charges on November 22, 2016. Flanagan faced a maximum sentence of 90 years in prison, plus a $3 million fine. He pleaded guilty on March 7, 2017, before receiving his sentence on June 14, 2017.
Flanagan faced a maximum sentence of 90 years in prison, plus a $3 million fine. He pleaded guilty on March 7, 2017 and on June 14, 2017 he was sentenced to one year in the jail, let me say that judges were clement.
Last edited by OUTLAW 09; 06-26-2017 at 11:11 AM.
Pinkslipbot banking Trojan exploiting infected machines as control servers
http://securityaffairs.co/wordpress/...ng-trojan.html
Pinkslipbot banking Trojan is a banking Trojan that uses a complicated multistage proxy for HTTPS-based control server communication. Security researchers at McAfee Labs have spotted a new strain of the Pinkslipbot banking malware (also known as QakBot/QBot)
!!! Zero-day Skype flaw causes crashes, remote code execution (CVE-2017-9948) -
NOTE
All of the running information on the Russian deliberate cyber attack on Ukraine is being threaded on the Russian propaganda thread....as it is in fact a Russian targeted cyber attack...especially when one "sees" the control servers sitting deep inside Russia.....
Useful analyses on Petya, the camouflaged wiper targeting Ukraine
https://tisiphone.net/2017/06/28/why...uld-worry-too/
https://medium.com/@thegrugq/pnyetya...47c-1498684536
https://securelist.com/expetrpetyano...somware/78902/
Puppet Strings - Dirty Secret for Free Windows Ring 0 Code Execution
https://zerosum0x0.blogspot.com/2017...-for-free.html
Petya’s kill-chain diagram in Windows 10. Device Guard, Credential Guard, UEFI Secure Boot, AppLocker, KASLR, HALNX
https://blogs.technet.microsoft.com/...form=hootsuite
ThreadContinue - Reflective Injection Using SetThreadContext() and NtContinue()
https://zerosum0x0.blogspot.com/2017...injection.html
One interesting item is the limited execution time of 60 minutes.
I'm not a cyber SME, but I wonder where 60 minutes sits on the continuum?
If on the low end, and assuming it was done so intentionally, does that mean this might have been meant as both an intentional attack (not ransomware) on Ukraine as well as a message NATO/EU/US unlikely to draw a direct cyber counterattack?
To me, if the 60 minute execution time is quite short, then it would seem to be designed to burn out like digital Ebola with a limited incubation period, instead of lingering like the Plague.
You have some interesting comments....there is nothing by accident on this malware....appears to be sloppy in coding but highly destructive when unleashed...appears to be ransomware but it is really a wiper of MBF of computer...and interestingly when detected by say AV or MS Defender software it immediately starts to destroy the MBF with no hesitation whatsoever...
Coupled with a LASDump hacking tool designed to collect all passwords laterally from the infected pc as well as all lateral domain servers and pass that info via exfil then this was in fact a highly thought through cyber attack...setting up the network for future easier attacks...
BTW..you are correct..by appearing to be at first a ransomware they slide under the Article 5 radar......that was intentional...
Alone the damage to Maersk Shipping was a total of 480M USDs...that is a lot of damage for a so called ransomware.
PLUS the choice of targets were exactly what you would expect from a direct cyber invasion...banks and ATMs, fuel points, food stores, radio and TV and social media, transportation ground and air and the central bank....all designed to create panic and confusion in the first hours...
https://www.theguardian.com/technolo...ukraine-russia
A ransomware attack that affected at least 2,000 individuals and organisations worldwide on Tuesday appears to have been deliberately engineered to damage IT systems rather than extort funds, according to security researchers.
The attack began in Ukraine, and spread through a hacked Ukrainian accountancy software developer to companies in Russia, western Europe and the US. The software demanded payment of $300 (£230) to restore the user’s files and settings.
The malware’s advanced intrusion techniques were in stark contrast with its rudimentary payment infrastructure, according to a pseudonymous security researcher known as “the grugq”.
The researcher said the software was “definitely not designed to make money” but “to spread fast and cause damage, [using the] plausibly deniable cover of ‘ransomware’”.
This analysis was supported by UC Berkeley academic Nicholas Weaver, who told the infosec blog Krebs on Security: “I’m willing to say with at least moderate confidence that this was a deliberate, malicious, destructive attack or perhaps a test disguised as ransomware.”
Last edited by OUTLAW 09; 07-06-2017 at 05:40 PM.
https://www.bloomberg.com/news/artic...-intelligence
In early May six U.S. intelligence and law enforcement agency chiefs were asked in an open Senate hearing whether they’d let their networks use Kaspersky software, often found on Best Buy shelves. The answer was a unanimous and resounding no. The question, from Florida Republican Marco Rubio, came out of nowhere, often a sign a senator is trying to indirectly draw attention to something learned in classified briefings.
Eugene Kaspersky took to Reddit to respond. Claims about Kaspersky Lab’s ties to the Kremlin are “unfounded conspiracy theories” and “total BS,” the company’s boisterous, barrel-chested chief executive officer wrote.
A scrimmage in a Border Station
A canter down some dark defile
Two thousand pounds of education
Drops to a ten-rupee jezail
http://i.imgur.com/IPT1uLH.jpg
WARNING
Russian trolls are attacking twitter users with an app that makes Twitter think you're trying to approve a malicious third party app, causing Twitter to lock your account for safety reasons.
Don't fret, you've not been hacked, this is part... of an intense pro-active troll-farm op designed to keep users from discussing the crumbling Trump presidency.
Russia sees their asset (Trump) falling apart and are doing everything to control the news. It's a hail-mary pass.
Today we have seen over 2.5M Russian controlled Twitter bots swarming out to block as many anti Trump twitter accounts that are reporting on anything pertaining to Trump, Trump Jr. and Russians.
Currently Trump Followers have climbed to 1.8M in just under four weeks AND all are non human bots that is averaging 450K per week and that costs a lot of money to create even on the criminal side of twitter.
This is a concentrated attack against non Trump supporters on Twitter AND Twitter Support has remained largely silent.....WHY is that.
This is the third type of Russian twitter attack in the last ten days...
There is now a true Russian social media info war and it is up front and in your face and the US government also says nothing.
WARNING
Private Email of Top U.S. Russia Intelligence Official Hacked
http://foreignpolicy.com/2017/07/14/...cial-hacked/
Some are saying APT28 GRU again.