At last week’s Black Hat 2011 conference, the Central Intelligence Agency’s former director of operations, Cofer Black, made the claim that the security community has a unique opportunity to influence and educate government decision makers about cybersecurity because awareness of the issue among power players in Washington has never been higher.
Proof of Black’s point has perhaps never been more evident than it was Thursday night during the Republican presidential debate. During the lively two-hour debate, which aired on Fox News Channel, moderator Bret Baier of FNC asked presidential candidate Jon Huntsman, former Utah governor and former ambassador to China under President Barack Obama, whether he would consider cyberattacks acts of war.
In his question, Baier seemed to reference Operation Shady RAT, the McAfee Inc. research effort revealed last week that led to the identification of 72 compromised, intruded parties, all relevant to the national security posture of the U.S. or other nations, broken down into 32 unique organization categories in 14 different countries over a five-year period. While McAfee’s report stops short of naming China as the perpetrator or addressing the China cyberwar issue specifically, experts believe China to be the source behind the attacks, which involved the theft of closely guarded and classified national secrets, negotiation plans and exploration details for new oil and gas field auctions, SCADA configurations, design schematics and numerous other pieces of sensitive information. Of course speculation in the industry has been rampant for years that China has been behind numerous other cyberattacks.
“Absolutely,” Huntsman said in response to whether a cyberattack should be considered an act of war. “This is the new warfield.” He added that the U.S. should use the cyberespionage issue as not only an economic development tool, but also a national security tool to improve early warning capabilities, safeguards and countermeasures.
“We need a strategic dialogue at the highest levels between the United States and China. That is not happening,” Huntsman said. “This is a relationship – the United States and China – we are both on the world stage. As far as you can see into the 21st century, we are going to have to deal with the Chinese. We better get it right.”
by Robert Westervelt
The update to the Microsoft Malicious Software Removal Tool (MSRT) includes the removal of FakeSysdef, a pesky Trojan that poses as a system performance tool.
Microsoft has bolstered its Malicious Software Removal Tool this month to include a signature that detects and removes FakeSysdef, a Trojan that has been successfully tricking people by posing as a system performance tool. According to engineers at Microsoft’s Malware Protection Center blog, the Trojan masqueraded as a program called System Defragmenter last December. It’s also surfaced under different names including Scan Disk and Check Disk.
Victim’s run across the program in poisoned search engine results. As Microsoft explains, the malware spread fairly easily thanks to the multitude of exploit toolkits that have the search engine poisoning built in as a feature.
Creators of the Trojan and rogue security software are notorious for using exploit kits and “search result poisoning”, or Black SEO, to launch installers of their malware. For example, malware creators could use an image search poisoning scheme to deliver poisoned search results to users that search for a photo of a popular or public person. When opening a (malicious) returned search results page, the user could become infected by way of a drive-by download that executes
The bad news for victims is that the Trojan can be really pesky. If the message to purchase performance improvements is ignored, the malware “reboots the machine repeatedly until they activate the fake fix.”
FakeSysdef is very much like rogue antivirus programs, which latch onto potential victims by poisoning search engine results. We’ve been keeping track of the highs and lows of rogue antivirus. Brian Krebs of KrebsonSecurity reported last month that international law enforcement was making some headway against Russian cybercriminal gangs peddling rogue antivirus.
There’s no doubt that the game of wack-a-mole will continue in this area.
"Anonymous" vows to "kill" Facebook
Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria. Everything you do on Facebook stays on Facebook regardless of your "privacy" settings, and deleting your account is impossible, ...
New York Daily News
Anonymous threatens Facebook with Guy Fawkes Day attack
Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria," the news release detailed. One of the scariest quotes from Anonymous' message is when they stated: "This is our world now. ...
Anonymous: Facebook's going down November 5
Anonymous To "Destroy" Facebook On 5th November
Anonymous vows to 'destroy' Facebook on Nov5
Posted by InfoSec News on Aug 10http://www.darkreading.com/security/vulnerabilities/231300312/getting-root-on-the-human-body.html
Posted by InfoSec News on Aug 10http://www.informationweek.com/news/cloud-computing/infrastructure/231300449
Posted by InfoSec News on Aug 10http://www.computerworld.com/s/article/9219056/Booz_Allen_CEO_downplays_effect_of_Anonymous_hack
Posted by InfoSec News on Aug 10http://news.cnet.com/8301-31921_3-20090434-281/security-flaw-found-in-feds-digital-radios/
Posted by InfoSec News on Aug 12http://www.darkreading.com/security/attacks-breaches/231400084/operation-shady-rat-attackers-employed-steganography.html
Posted by InfoSec News on Aug 12http://www.theregister.co.uk/2011/08/11/cyberwar_fallacies_revealed/
Posted by InfoSec News on Aug 12========================================================================
Posted by InfoSec News on Aug 12http://www.eweek.com/c/a/Security/Security-Breach-Hits-Wisconsin-University-Server-with-Student-Faculty-SSNs-842032/
Posted by InfoSec News on Aug 11http://www.massdevice.com/news/medtronic-insulin-pump-hacker-not-big-deal
Posted by InfoSec News on Aug 11http://fcw.com/articles/2011/08/08/home-page-tech-briefing-apt-cybersecurity.aspx
Posted by InfoSec News on Aug 11http://www.theregister.co.uk/2011/08/10/gprs_cellphone_call_snooping/
Posted by InfoSec News on Aug 11https://www.fas.org/blog/secrecy/2011/08/af_cyber.html
Posted by InfoSec News on Aug 11http://www.computerworld.com/s/article/9219081/Microsoft_patches_final_Pwn2Own_IE_bug
Posted by InfoSec News on Aug 10http://news.xinhuanet.com/english2010/china/2011-08/10/c_131041172.htm
Posted by InfoSec News on Aug 12http://www.computerworlduk.com/news/security/3296294/uk-admins-lack-skills-to-spot-hackers-says-pentest-expert/