Forwarded from: Vic Vandal
Forwarded from: Vic Vandal
Forwarded from: Vic Vandal
http://breakingdefense.com/2015/09/wireless-hacking-in-flight-air-force-demos-cyber-ec-130/ By SYDNEY J. FREEDBERG JR. Breaking Defense September 15, 2015 NATIONAL HARBOR: Matthew Broderick in his basement, playing Wargames over a landline, is still the pop culture archetype of a hacker. But as wireless networks became the norm, new-age cyber warfare and traditional electronic warfare are starting to merge. Hackers can move out of the basement to the sky. In a series of experiments, the US Air Force has successfully modified its EC-130 Compass Call aircraft, built to jam enemy transmissions, to attack enemy networks instead. “We’ve conducted a series of demonstrations,” said Maj. Gen. Burke Wilson, commander of the 24th Air Force, the service’s cyber operators. “Lo and behold! Yes, we’re able to touch a target and manipulate a target, [i.e.] a network, from an air[craft].” What’s more, Wilson told reporters at the Air Force Association conference here, this flying wireless attack can “touch a network that in most cases might be closed” to traditional means. While he didn’t give details, many military networks around the world are deliberately disconnected from the Internet (“air-gapped”) for better security. You can try to get an agent or dupe to bring a virus-infected thumb drive to work, as reportedly happened with Stuxnet’s penetration of the Iranian nuclear program, but that takes time and luck. You unlock a lot more virtual doors if you can just hack a network wirelessly from the air. Israeli aircraft using BAE’s Suter system reportedly did just this to Syrian air defenses in 2007’s Operation Orchard, and the Navy is interested in the capability, but this is the first I’ve heard an Air Force general discuss it. Digital AESA radar can do much the same thing, as we’ve reported about the F-35. […]
https://blogs.oracle.com/maryanndavidson/entry/no_you_really_can_t Mary Ann Davidson Blog By User701213-Oracle Aug 10, 2015 I have been doing a lot of writing recently. Some of my writing has been with my sister, with whom I write murder mysteries using the nom-de-plume Maddi Davidson. Recently, we’ve been working on short stories, developing a lot of fun new ideas for dispatching people (literarily speaking, though I think about practical applications occasionally when someone tailgates me). Writing mysteries is a lot more fun than the other type of writing I’ve been doing. Recently, I have seen a large-ish uptick in customers reverse engineering our code to attempt to find security vulnerabilities in it.
http://www.zdnet.com/article/islamic-state-has-best-cyber-offence-of-any-terrorist-group/ By Stilgherrian ZDNet News June 5, 2015 “ISIS [also known as Islamic State] came onto the scene very quickly, but they already have arguably the best cyber offensive capability of any extremist movement out there, and it’s still early days,” Mikko Hypponen, chief research officer at F-Secure said. “We still haven’t seen real physical damage being done by any extremist group, and it’s probably going to take a while until we see it. But these guys are the first ones that actually have some existing hackers who have joined them and moved in from the West,” Hypponen told the AusCERT Information Security Conference on Australia’s Gold Coast in his keynote address on Friday morning. “It’s not yet really a big problem, but obviously this isn’t getting better, this is getting worse,” he said. One such hacker is Abu Hussain Al Britani, a British citizen that F-Secure had been tracking as a traditional hacker three years ago. They lost track of him two years ago, but found him again last summer in Syria. Al Britani has been kicked off Twitter around 20 times, but appears to be tweeting again this week. […]
http://www.defenseone.com/politics/2014/10/house-intel-chief-wants-increase-cyber-attacks-against-russia/95675/ By Patrick Tucker defenseone.com October 2, 2014 The United States should be conducting more disruptive cyber attacks against nations like Russia, according to Rep. Mike Rogers, R-Mich., chairman of the House Intelligence Committee. “I don’t think we are using all of our cyber-capability to disrupt” actors in Russia targeting U.S. interests, he said at The Washington Post’s cybersecurity summit on Thursday. Rogers cited attacks out of Russia on the U.S. financial sector, specifically against JP Morgan Chase in August, as an example of nation states targeting U.S. companies and financial interests. The FBI is currently investigating whether or not the attacks were a response to the financial sanctions that the United States placed on Russia in March. He didn’t directly implicate Putin’s government in the attack on JP Morgan Chase, but he called the attempted breaches a “decision [made] on the basis of sanctions,” and asked whether the intent was “to monitor transactions or go in destroy enough data to cause harm to transactions?” […]
http://www.bloomberg.com/news/2014-06-22/cybersecurity-skills-shortage-looms-in-singapore-southeast-asia.html By Brian Leonal Bloomberg.com June 22, 2014 Singapore’s ability to fight a rising threat from hackers is hindered by a skills shortage and lack of awareness among companies, according to the computer security firm that runs a state-supported training center. “We do see a lack of capability and capacity in skilled professionals, and that’s partly due to massive demand across the world that stretches an already small, existing pool of people,” Bryce Boland, Asia Pacific chief technology officer at Milpitas, California-based FireEye Inc. (FEYE), a cybersecurity firm, said in an interview in Singapore last week. Singapore, a global financial center which relies on its image as a safe and stable location to lure business, has suffered high-profile online attacks on government websites and security breaches involving companies’ client data in recent months. Cybersecurity risks pose a challenge as the government steps up efforts to link public facilities and infrastructure for real-time data in Southeast Asia’s only developed nation. “Organizations increasingly recognize that the approach toward cyber security must be organization-wide,” said Lyon Poh, head of IT Assurance and Security at KPMG LLP in Singapore. “However, they lack people with the experience to set up a comprehensive cyber security defense system to promptly detect and respond to cyber threats.” […]
http://www.networkworld.com/news/2014/032714-solutionary-280149.html By Ellen Messmer Network World March 27, 2014 Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary’s annual Global Threat Intelligence Report out today, saying it sees botnet attacks as the biggest single threat. The managed security services provider, now part of NTT, compiled a year’s worth of scans of customers’ networks gathered through 139,000 network devices, such as intrusion-detections systems, firewall and routers, and analyzed about 300 million events, along with 3 trillion collected logs associated with attacks. Solutionary says it relies on several types of vendor products for these scans, including Qualys, Nessus, Saint, Rapid7, nCircle and Retina. Solutionary also looked at the latest exploit kits used by hackers, which include exploits from as far back as 2006. Solutionary found that half of the vulnerability scans it did on NTT customers last year were first identified and assigned CVE numbers between 2004 and 2011. “That is, half of the exploitable vulnerabilities we identified have been publicly known for at least two years, yet they remain open for an attacker to find and exploit,” Solutionary said in its Global Threat Intelligence Report. “The data indicates many organizations today are unaware, lack the capability, or don’t perceive the importance of addressing these vulnerabilities in a timely manner.” […]
… security enforcement mechanisms toward a sharing of security intelligence to improve security. Not all security technologies are currently capable of sharing intelligence, and many currently lack significant intelligence-sharing maturity and response-orchestration capability. The most important benefits ofintelligence sharing will come from sharing and the subsequent …
Gartner clients may access this research by clicking here.
This management book focuses on the crucial knowledge you'll need to become a great manager and leader. It will teach you the important management and leadership skills so others will call you "great"!