Showing results for tags 'report'.

Found 17 results

  1. I need a program like this... I work on PPIs and my niches keep getting stolen on YouTube... One of my videos with almost 150k views went down (the next day someone uploaded it with the same description + title)
  2. VirusTotal Scan Results Report retrieved: 12. 5. 2015; 12:55 +2, Report Date: 2015-05-07 21:28:57 http://data.hu/get/8748521/SPECIAL_HIT.rar PASS: LOGMAXER professional knows how to use and non-professionals can search for information on Google
  3. KhiZaRix

    I like that you can scan several in parallel, and it doesn't report them to the bastards
  4. VirusTotal Scan Results Report retrieved: 12. 5. 2015; 12:10 +2, Report Date: 2015-03-27 16:19:43 http://data.hu/get/8748452/EMAIL_SUPER_HIT.rar PASS: LOGMAXER professional knows how to use and non-professionals can search for information on Google
  5. VirusTotal Scan Results Report retrieved: 12. 5. 2015; 11:24 +2, Report Date: 2012-09-24 10:48:43 http://data.hu/get/8748399/Google_Siteripper_Full_version.rar PASS: LOGMAXER professional knows how to use and non-professionals can search for information on Google
  6. VirusTotal Scan Results Report retrieved: 12. 5. 2015; 11:18 +2, Report Date: 2015-04-30 22:33:39 http://data.hu/get/8748377/Google_Extensa_Scanner_v3.0.0.1.rar PASS: LOGMAXER Google Extensa Scanner Scan dorks check admin finder professional knows how to use and non-professionals can search for information on Google
  7. Cyber-attacks against critical infrastructure companies have long since moved out of the realm of science fiction and into reality, and a new report from Trend Micro and the Organization of the American States (OAS) shows just how much. In a new survey, the challenges those organizations are facing today are laid bare. Forty percent of 575 security leaders polled said they had dealt with attempts to shut down their computer networks. Forty-four percent said they had faced attempts by attackers to delete files, while 60 percent have had attackers try to steal their information. Perhaps even more ominous is the fact that 54 percent had dealt with attempts to manipulate their organization's equipment through a control network or system. "This research should serve as a wake-up-call that critical infrastructures have become a prime target for cybercriminals," said Tom Kellermann, chief cybersecurity officer at Trend Micro, in a statement. "These groups have escalated their attacks by leveraging destructive campaigns against the infrastructures of the Western Hemisphere." The respondents came from organizations throughout the Americas. In the U.S., the “ICS-CERT Monitor” newsletter for the period between September 2014 and February 2015 stated that a total of 245 cyber-security incidents were reported to ICS-CERT during fiscal year 2014. According to the report, the energy and critical manufacturing sectors were impacted the most. In the OAS/Trend Micro survey, 53 percent of those surveyed said they have noticed an increase in incidents affecting their networks in the past year. The primary attack was phishing, which was noted by 71 percent. DDoS (42 percent) and SQL injection (32 percent) were commonly reported as well. Just 18 percent reported being targeted by advanced persistent threats (APTs). "A major challenge today is the sophistication of attacks (76% say they are getting more sophisticated) which are difficult to detect," according to the report. 
"With almost a third of the respondents falling into this category, it is apparent that continuous monitoring controls are a needed requirement within most organizations to improve their visibility across their networks of attacker presence." The good news is that more than half of those surveyed said they have disaster recovery (54 percent) and incident response (52 percent) plans in place. The bad news - 52 percent said their budget for cyber-security did not increase during the past year. Most organizations said they trust the government to advance a cyber-security agenda to protect critical infrastructure companies, and they are willing to work with them. "Since critical infrastructure affects everyone within a region, Public-Private Partnerships (PPPs) are key in properly managing the threat associated with threat actors looking to compromise these systems," the report noted. "With only 1 in 5 (21%) respondents stating an active dialogue there is a high level of improvement to be done to effectively deal with the threat." "Governments in the Americas and around the world must recognize the serious vulnerabilities inherent to critical infrastructure and the potential for grave consequences if not properly secured," said Neil Klopfenstein, executive secretary of the OAS Inter-American Committee against Terrorism (CICTE), in a statement. "From electrical grids and water treatment plants, to oil exploration fossil fuel supplies and transportation, these systems are vital to virtually every element of society. This report reinforces a need to continue strengthening protection of critical infrastructures in our member states, while collaborating and sharing information so as to collectively address these issues and foster a secure and resilient cyber space for government, businesses and citizens in the region." Source: securityweek.com
  8. Snapchat, the social network known for its disappearing messages, released its first transparency report Thursday showing hundreds of requests from US and foreign law enforcement agencies. Between November 1 and February 28, Snapchat said it received 375 requests from US law enforcement officials, and produced at least some data in 92 percent of those cases. "While the vast majority of Snapchatters use Snapchat for fun, it's important that law enforcement is able to investigate illegal activity," Snapchat said in a blog post. "We want to be clear that we comply with valid legal requests." The requests were mostly in the form of subpoenas, warrants or court orders, along with a smaller number of emergency requests. Outside the US, Snapchat received 28 requests and produced data in six of those cases. The requests came from Britain, Belgium, France, Canada, Ireland, Hungary and Norway. Snapchat joins other major tech firms that have released similar data including Google, Yahoo, Facebook, Twitter and Microsoft. Like most of its peers, Snapchat said it opposed efforts to give law enforcement special access through "backdoors." "Privacy and security are core values here at Snapchat and we strongly oppose any initiative that would deliberately weaken the security of our systems," the blog posting said. "We're committed to keeping your data secure and we will update this report bi-annually." The report did not include data on US national security requests, which may only be released after a six-month delay. "Even though Snapchat has promoted user privacy and autonomy since its founding, we've only recently been able to systematically track and report requests for user information," the company said. It said it will publish more details in July on government requests and demands to remove content. Snapchat last year reportedly rejected a $3-billion takeover by Facebook and later was valued at some $10 billion following a private equity round of investment. 
Snapchat has not disclosed key financial information or numbers of users but some analysts say it is used by as many as 100 million people or more. Snapchat rocketed to popularity, especially among teens, after the initial app was released in September 2011. Created by then Stanford University students, the app allows the sending of messages that disappear shortly after being viewed. Source: Snapchat Shows Data Requests in Transparency Report | SecurityWeek.Com
  9. Facebook is in violation of EU data laws owing to its overly complex privacy policies and persistent tracking of users, even if they have opted out of such systems. This was the key claim in a report by researchers at the University of Leuven and the Free University of Brussels on behalf of the Belgian Privacy Commission. “Our analysis indicates [that] Facebook is acting in violation of European law,” the report said. Specifically, the researchers are concerned that almost all data tracking and monitoring done by Facebook, such as for advertising purposes or gathering location data, is done without giving users adequate control over their privacy. “Its current default settings with regards to behavioural profiling and advertising (essentially 'opt-out') remain problematic,” the report said. “According to the Article 29 Working Party, consent cannot be inferred from the data subject’s inaction with regard to behavioural marketing. “As a result, Facebook’s opt-out system for advertising does not meet the requirements for legally valid consent. In addition, opt-outs for 'Sponsored Stories' or collection of location data are simply not provided.” The way Facebook combines data from its other services, specifically Instagram and WhatsApp, to build a more complete picture of a user was also cited as another way in which Facebook does not adhere to EU privacy and data laws. “Facebook only offers an opt-out system for its users in relation to profiling for third-party advertising purposes. The current practice does not meet the requirements for legally valid consent,” the report said. The report also criticised Facebook for “leveraging its dominant position” in the social networking market to effectively force users to accept its conditions. “The choices Facebook offers to its users are limited. For many data uses, the only choice for users is to simply 'take it or leave it'. 
If they do not accept, they can no longer use Facebook and may miss out on content exclusively shared on this platform,” the researchers said. Another interesting area raised in the report relates to the rights, or lack of, that Facebook provides to delete an account and have all data removed from the firm's databases. "Facebook fails to provide (sufficient) granularity in exercising data subject’s rights. For example, the right to erasure can only be exercised with regard to the user’s profile and only relates to self-posted content," it said. V3 contacted Facebook for its response to the report but had received no reply at the time of publication. The damning allegations come just a few months after Facebook updated its terms and conditions in an effort to make it easier for people to "take charge" of how their data is used on the site. Source
  10. A new report prepared by the United States Department of Justice’s internal watchdog has revealed that two major federal law enforcement agencies have spent millions of dollars on 23 drones that for some reason, are not operational. The report, which was published on Wednesday by the DOJ’s Office of the Inspector General, also concludes that the FBI is the “only DOJ component that operationally deploys its own UAS,” using the government acronym for Unmanned Aerial System, or drone. The DOJ OIG report comes less than three months after the Department of Homeland Security OIG concluded that after eight years, the drone program run by Customs and Border Protection was ineffective. The DOJ report also includes a few other new details, including confirmation of the 2013 assertion by then-FBI Director Robert Mueller that the agency uses drones “very seldom.” The DOJ OIG found that the FBI has only used its drones for 13 cases between 2004 and 2013. When it did fly those missions, however, the agency also determined that it apparently did not need a warrant to conduct aerial surveillance. As was first noted by Emptywheel, a government and national security blog, the DOJ OIG report also states that the FBI spent $3 million on 34 drones “and associated control stations.” But for some reason, only half of those drones are considered operational, suggesting that half of the money has effectively been wasted. Another problem is that the FBI apparently only has two drone pilots at the moment, who have to be physically shuttled around the country when a drone operation is in use. Worse still, it has been hard to train more, as the report states: Drones join the Navy? The second largest agency within the DOJ to use drones was the Bureau of Alcohol, Tobacco and Firearms, which spent a total of $600,000 on six drones and related equipment, but they too were “unsuitable" for unspecified reasons. 
As the DOJ OIG notes: Apparently just a week after the ATF gave up its six drones, it then went out and bought five more for $15,000. Then after realizing it needed a Certificate of Authorization from the Federal Aviation Administration in order to fly them, they were grounded. Source
  11. Intel sharing used as stick, Vice Chancellor says The US Government threatened to starve Berlin of intelligence if it harboured fugitive document-leaker Edward Snowden, German Vice Chancellor Sigmar Gabriel says. The National Security Agency (NSA) leaker considered Germany as a place of refuge after he fled to Russia from the United States via Hong Kong in 2013. Moscow granted Snowden a three-year residency permit in the country, which expires in August 2017. At that date Snowden will need to apply for citizenship or move elsewhere. In a speech given this week in Hamburg Gabriel said Washington would withhold information on "plots" and "intelligence matters" if Germany offered Snowden asylum. “They told us they would stop notifying us of plots and other intelligence matters,” Gabriel said, according to an Intercept report. The report did not name the US agency or official who made the extraordinary threats. Severing intelligence sharing would appear to place the country of 80 million at heightened risk of terrorist and espionage attacks. Germany would be obligated to extradite Snowden to the US if he entered the country, Gabriel says, and faced being cut off from "all intercepted intelligence sharing" if it offered asylum, according to the report. Questions of whether Snowden should be granted asylum in Germany were raised in November 2013 when the leaker was still under temporary protection from Moscow. German Green Party figure Hans-Christian Ströbele, who was the first parliamentarian to visit the leaker during his Moscow exile, raised the concept after the US had submitted an extradition request for Snowden should he have set foot in the country. Vice Chancellor Gabriel said it was "a shame" Snowden was confined to “Vladimir Putin’s autocratic Russia”. The report comes as Snowden's Russian lawyer Anatoly Kucherena said last month the former sys-admin is reportedly ready to return to the US if he is promised a fair trial. Source
  12. US industrial control systems were hit by cyber attacks at least 245 times over a 12-month period, the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has revealed. The figure was included in a report by the ICS-CERT, which operates within the National Cybersecurity and Integration Center, itself a part of the Department of Homeland Security. The report is classed as covering the 2014 fiscal year which, under US government dates, was between 1 October 2013 and 30 September 2014. “ICS-CERT received and responded to 245 incidents reported by asset owners and industry partners,” the report said. The energy sector accounted for the most incidents at 79, but perhaps the more alarming figure is that 65 incidents concerned cyber infiltration of the manufacturers of ICS hardware. “The ICS vendor community may be a target for sophisticated threat actors for a variety of reasons, including economic espionage and reconnaissance,” the report said. The data below shows the various industries that ICS-CERT was called on to help. The group said that 55 percent of investigated incidents showed signs that advanced persistent threats had been used to breach systems. “Other actor types included hacktivists, insider threats and criminals. In many cases, the threat actors were unknown due to a lack of attributional data,” it added. The graph below shows the various forms of attack methods uncovered by the ICS-CERT, although worryingly the vast majority of attacks were untraceable. The ICS-CERT did reveal, however, that some of its work related to hacks that used the Havex and Black Energy malware revealed during 2014. “ICS-CERT has provided onsite and remote assistance to various critical infrastructure companies to perform forensic analysis of their control systems and conduct a deep dive analysis into Havex and Black Energy malware,” it said. 
The ICS-CERT also acknowledged that it is highly likely that it was unaware of other incidents that will have occurred during the period. “The 245 incidents are only what was reported to ICS-CERT, either by the asset owner or through relationships with trusted third-party agencies and researchers. Many more incidents occur in critical infrastructure that go unreported,” the report said. The report comes amid rising concerns that industrial control systems are being targeted by Russian hackers, who are seen as new and highly sophisticated players in the cyber arena. Source
  13. A ban on online anonymity networks would be "technologically infeasible" and unwise, MPs have been told. Parliamentary advisers said networks such as Tor could be used for criminal ends but also in the public interest. The advice for MPs contradicted the Prime Minister David Cameron, who has said law enforcement should be handed the keys to encrypted communications. One expert said the document showed Mr Cameron's plans to be "noble", but ultimately unworkable. The Parliamentary Office of Science and Technology (Post), which issues advice to MPs, said that there was "widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the UK". 'Technical challenges' In a briefing document on the dark net, of which Tor forms a prominent part, it added that, "even if it were, there would be technical challenges". The report, published on Monday 9 March, cited the example of the Chinese government, which attempted to block access to Tor in order to enforce bans on unauthorised websites. In reaction, it said, the body that maintains the network simply added "bridges" that were "very difficult to block", allowing people to continue accessing Tor. [Image caption: The prime minister has called for encryption to be banned to help stop terrorism] Speaking in January, following attacks by gunmen in Paris and its surrounding areas, David Cameron said there should be no "means of communication" the security services could not read. He said: "In extremis, it has been possible to read someone's letter, to listen to someone's call to mobile communications. "The question remains, 'Are we going to allow a means of communications where it simply is not possible to do that?' 
My answer to that question is, 'No, we must not.'" He has also enlisted companies that operate internet search engines, such as Google, Microsoft and Yahoo, to help track down and block images of child abuse. Whistle-blowing However, the Post report clarified that the dark web was not indexed by such search engines, limiting the extent to which they would be able to help. Jamie Bartlett, of the think tank Demos, whose book The Dark Net was cited in the report, said that - in theory - he agreed with Mr Cameron that there should not be a place in the dark web for criminals to hide. However, he said that - in practice - the prime minister's plans were shown by the parliamentary document to be "more or less impossible to actually do". He said: "It is about police being able to force people to give up their anonymity when necessary, without taking away the ability to be anonymous online." Hidden services The Post provides reports for MPs to offer them independent, non-political advice on highly specialised and complicated issues in science and technology. It does not bind them to any position, but helps inform parliamentary debates and votes on subjects of which many MPs would otherwise have little understanding. In its report, it differentiated between use of the dark web for criminal purposes and for acts in the public interest - such as whistle-blowing. It noted that some people have argued for a network that allowed users to be anonymous, but without Tor hidden services (THS), such as the Silk Road marketplace, which have been used for criminal purposes. "However, THS also benefit non-criminal Tor users because they may add a further layer of user security," the report said. "Sites requiring strong security, like whistle-blowing platforms are offered as THS. "Also, computer experts argue that any legislative attempt to preclude THS from being available in the UK over Tor would be technologically infeasible." 
A spokesman for the prime minister did not respond to a request for comment. Source
  14. Twitter has revised and simplified its rules and process for reporting abusive behavior on the service, and users now have the ability to report people who are posting their personal information. The change essentially gives Twitter users a method to combat doxing, which is the process of dumping a victim’s personal information online. This often is done as a form of revenge or to embarrass someone. Doxing used to be done in forums or on underground sites, but Twitter has made it possible to broadcast the information to a much larger audience more quickly. Twitter officials are well aware of this problem, as well as the issue of more traditional abusive behavior on the service. So the company has changed the way that users can report such behavior and what kind of things they can report. Twitter said it has greatly increased the size of its staff handling these reports and is processing many more reports than just a few months ago. “Over the last six months, in addition to the product changes, we have overhauled how we review user reports about abuse. As an example, allowing bystanders to report abuse – which can now be done for reports of private information and impersonation as well – involved not only an update to our in-product reporting process, but significant changes to our tools, processes and staffing behind the scenes. Overall, we now review five times as many user reports as we did previously, and we have tripled the size of the support team focused on handling abuse reports,” Tina Bhatnagar, vice president of user services at Twitter said in a blog post. The change is a significant one for Twitter, as the service has evolved into the place where many people not only get their news, but also where people share remarkable personal and private information. The new reporting option also allows users to report abusive behavior that’s targeted at other people and not themselves. 
Twitter also is changing the way that it enforces the rules against problematic accounts. “We are also beginning to add several new enforcement actions for use against accounts that violate our rules. These new actions will not be visible to the vast majority of rule-abiding Twitter users – but they give us new options for acting against the accounts that don’t follow the rules and serve to discourage behavior that goes against our policies,” Bhatnagar said. Source
  15. I searched the forum and didn't find it posted, so I figured I'd post it (for those interested, of course). Adversaries are committed to continually refining or developing new techniques that can evade detection and hide malicious activity. Meanwhile, the defenders—namely, security teams—must constantly improve their approach to protecting the organization and users from these increasingly sophisticated campaigns. Caught in the middle are the users. But now, it appears they not only are the targets, but also the complicit enablers of attacks. The Cisco 2015 Annual Security Report, which presents the research, insights, and perspectives provided by Cisco® Security Research and other security experts within Cisco, explores the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain. Cybersecurity is a broad and complex topic that has a far-reaching impact on users, companies, governments, and other entities around the world. The Cisco 2015 Annual Security Report is divided into four areas of discussion. These sections, and the issues explored within them, may at first glance seem disparate, but closer examination reveals their interconnectedness: Read more: https://www.cisco.com/web/offer/gist_ty2_asset/Cisco_2015_ASR.pdf
  16. Email servers still compromised after THREE months An attack against US State Department servers is still ongoing three months after the agency spotted miscreants inside its email system, it's reported. In November the State Department was forced to suspend its unclassified email systems after it was successfully infiltrated by hackers unknown. At the time the agency said its classified emails were unaffected by the hack. Now Bloomberg and the Wall Street Journal report multiple sources saying that the attack is still ongoing: the bad guys and girls still have remote access to internal computers. Every time sysadmins find and delete a malware infection, installed by the hackers, another variant pops up. The point of failure was, we're told, a user clicking on a link to a dodgy website using an unpatched browser, leading to malicious remote-code execution. Once inside the network, the attackers spread out to the department's computers overseas, many of which now harbor malware. Remote access to email inboxes has been disabled, it's reported. IT staff can't switch off the network to freeze the infection because the computer systems must remain operational for security reasons. Five sources report that the attacks are Russian in origin, with one former US intelligence officer claiming that Putin’s online warriors are just as good as Uncle Sam's. The secure email system is reportedly still safe, but unclassified emails can contain lots of juicy information – and hackers could masquerade as officials on the network to gain access to more sensitive documents. Messages regarding US policy on the Ukraine, and other files, have been swiped from the system, two sources report. The difficulty in blocking further attacks raises worrying possibilities for the rest of the government’s IT managers. 
The State Department’s servers were compromised as part of a large-scale attack against US government systems, with the White House, the US Postal Service, and the National Weather Service all falling prey, albeit briefly. “We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf told the Journal in a statement. “We take any possible cyber intrusion very serious - as we did with the one we discussed several months ago — and we deal with them in conjunction with other relevant government agencies.” Given the amount the US spends on information security these days it seems amazing that the NSA can’t rustle up a few of its hackers so adept at attacking and subverting legitimate means of communications and focus on defense for a change. Since 2001 the US has publicly spent over $500bn on its intelligence services, and documents leaked by Edward Snowden show the NSA and CIA spent over $25bn in 2013 alone. It doesn’t seem as though the American taxpayer is getting value for money. Source
  17. Hacktivists and gamers are becoming big users of net attacks that knock sites offline by bombarding them with data, suggests a report. Compiled by Arbor Networks, the report looks at 10 years of distributed denial of service (DDoS) attacks. The ease with which they could be staged had made them a favourite for groups with a grudge, said Arbor. Also, it said, insecure home routers were being enrolled into large groups of devices that mounted the attacks. Extortion attempt In the early days of DDoS, cybercrime gangs had used them to extort cash from websites run by betting and gambling firms that could not afford to be knocked offline, said Darren Anstee, a senior analyst at Arbor. Now, he said, attacks were being mounted by different groups and had grown considerably in size. In 2011, the biggest attacks had flung about 100 gigabits per second (Gbps) of data at targets, found the report. In 2014 that peak had hit 400Gbps and in the same year there had been four times as many attacks over 100Gbps than in the previous 12 months. "There's been a massive jump in the number of very large attacks going on out there," said Mr Anstee. "In 2014 we saw more volumetric attacks, with attackers trying to knock people offline by saturating their access to the internet." Almost 40% of the organisations Arbor contacted for its report said they were being hit by more than 21 attacks per month, said the report. [Image caption: The hacking group known as The Lizard Squad reportedly uses hacked home routers to mount some of its attacks] Part of the reason for the shift to the large attacks could be explained by a change in the technologies being used to stage them, he said. When cybercrime gangs had been behind the majority of attacks, the data barrages had been generated by the thousands of hijacked home computers they had had under their control, he said. 
Botnets were still used to mount extortion attacks, he said, and were also used to divert the attention of a company's security team so they did not notice a separate attack on another part of a company's infrastructure. Figures in the report suggested that companies were getting better at spotting the early stages of an attack and recovering once they were hit, he said. However, said Mr Anstee, building a botnet was difficult for hacktivists and others, who had instead turned to other net-connected devices and technologies to generate the huge data flows. Some attacks abused the net's timekeeping system or the domain servers that kept a list of which website was where, he said. Other groups had found ways to enrol insecure home net gateways and routers into attacks, he added. Hacktivists, hacker groups such as Lizard Squad and gamers who wanted revenge on other players were the bigger users of these tactics, said Mr Anstee. It was now easy to find so-called "booter" services online that let gamers kick rivals off a particular gaming network or title by attacking that network, he said. DDoS was also being used by people keen to use their technical skills to express their feelings about a real-world conflict. "If you look at DDoS attacks and try to tie them up with geopolitical events in the last few years, you will always see those events echoed in cyberspace," he said. Source