The New Attack: Penetrate and Tailor

In its latest security report Cisco identifies a trend I hadn’t heard of before with malware writers: closer inspection of the computers they’ve successfully penetrated to see whether there’s something interesting there and, if there is, targeting that company (or organisation) with a more tailored follow-up attack: Attackers can—and do—segregate infected computers into interest areas and modify their methods accordingly. For example, after initial infection by a common downloader Trojan, subsequent information may be collected from infected machines to identify those systems more likely to lead to sensitive information. Subsequently, those “interesting” machines may be delivered an entirely different set of malware than would …

Taking Shady RAT to the Next Level

I know I’ve drawn attention to this before, but the timeline of McAfee’s Operation Shady RAT by Dmitri Alperovitch raises questions again about WikiLeaks’ original data. Alperovitch points out that their data goes back to mid-2006: We have collected logs that reveal the full extent of the victim population since mid-2006 when the log collection began. Note that the actual intrusion activity may have begun well before that time but that is the earliest evidence we have for the start of the compromises. This was around the time that Julian Assange was building up the content that, he recounted in emails at the time, that his hard …

Libya’s Stuxnet?

A group of security professionals who have good credentials and strong links to the U.S. government have outlined a Stuxnet-type attack on Libyan infrastructure, according to a document released this week. But is the group outlining risks to regional stability, or is it advocating a cyber attack on Muammar Gadhafi? The document, Project Cyber Dawn (PDF), was released on May 28 2011 by CSFI, the Cyber Security Forum Initiative, which describes itself as a non-profit organization headquartered in Omaha, NE and in Washington DC with a mission “to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training to assist the …

The Gmail Phish: Why Publicize, and Why Now?

This Google Gmail phishing case has gotten quite a bit of attention, so I thought I’d throw in my two cents’ worth. (These are notes I collated for a segment I did for Al Jazeera earlier today. I didn’t do a particularly good job of getting these points across, and some of the stuff came in after it was done.) Google says the attack appears to originate from Jinan, but doesn’t offer evidence to support that. I think it would be good if they did. Jinan is the capital of Shandong Province, but it’s also a military region and one of at least six …

Osama bin Laden’s Death on Twitter

(Updated timeline to include subsequent accounts) There was, by all accounts, no Internet or phone access to Bin Laden’s compound. Had there been, might he have known about the attack in advance from social media? This depends on what was being said on Twitter, and when. Although lots of people in Pakistan are on Facebook, Twitter would have been more useful. There’s no clear timeline yet about when the US launched its attack on the compound. But had Osama’s people been monitoring the keyword ‘abbottabad’ (or people who had previously mentioned the word), which would have been smart, they would have known that something was …

Jeremy Wagstaff: Technology Shapes Revolution – WSJ.com

Was social media the driving force behind the uprisings in Tunisia and Egypt? Commentators in the West are divided. Some insist that Hosni Mubarak would never have fallen without Facebook and Twitter. To which others respond that these tools promote only weak forms of organization and were incidental to the protests gaining momentum. The question is of more than academic interest to those either trying to predict when the next regime fall will come or, perhaps, trying to help it along. via online.wsj.com An oped piece I wrote for the Journal. I’ll post my original text later.

“One Technician Unplugged The Estonian Internet”

In all the hoo-ha about the Arab Revolutions some interesting WikiLeaks cables seem to be slipping through the net. Like this one from 2008 about Estonia’s view of the cyberattack on Georgia. Estonia had learned some tough lessons from Russia’s cyberattack on its defenses the previous year, so was quick to send cyber-defense experts to “help stave off cyber-attacks emanating in Russia”, according to the Baltic Times at the time. The cable, dated Sept 22 2008, reports on meetings with Estonian officials on both the lessons from its own experience and some candid commentary on Georgia’s preparedness and response. Here are some of the points: …

Podcast: Social Media and Social Conflict

The BBC World Service Business Daily version of my piece on the relationship between communications and political change. (The Business Daily podcast is here.)

Loose Wireless 110216

To listen to Business Daily on the radio, tune into BBC World Service at the following times, or click here.

Australasia: Mon-Fri 0141*, 0741
East Asia: Mon-Fri 0041, 1441
South Asia: Tue-Fri 0141*, Mon-Fri 0741
East Africa: Mon-Fri 1941
West Africa: Mon-Fri 1541*
Middle East: Mon-Fri 0141*, 1141*
Europe: Mon-Fri 0741, 2132
Americas: Tue-Fri 0141*, Mon-Fri 0741, 1041, 2132

Thanks to the BBC for allowing me to reproduce it as a podcast.

Data, WikiLeaks and War

I’m not going to get into the rights and wrongs of the WikiLeaks thing. Nor am I going to look at the bigger implications for the balance of power between governed and governing, and between the U.S. and its allies and foes. Others have written much better than I can on these topics. I want to look at what the cables tell us about the sorting, sifting and accessing of this information. In short, what does this tell us about how the world’s most powerful nation organized some of its most prized data? To start with, I want to revisit a conversation I had sitting …

Copyright © 2020 loose wire blog. All Rights Reserved.