Tag Archives: EDD

[ISN] Some hackers make more than $80,000 a month — here’s how

http://www.businessinsider.com/we-found-out-how-much-money-hackers-actually-make-2015-7 By CALE GUTHRIE WEISSMAN Business Insider Jul. 14, 2015 It’s a known fact that hacking makes money. But how much money? And how do hackers carry out their internal dealings with one another so as not to step on each other’s toes? Much like the fine-tuned systems of mafias and gangs that act almost identically to businesses, hackers have also created their own extremely intricate systems — and the scale of their operations is astounding. Security researchers have been embedding themselves into these online underbellies to see precisely what’s going on. This way they can get an early look at the malware hackers are cooking up, while also learning just how the system works. The information security company Trustwave has been doing just this for years. It now has a lot to show for it, including discovering how much money a hacking gang makes and how precisely the cybercrime ecosystem works. Trustwave’s VP of Security Research Ziv Mador has put together a presentation he gives to customers so they can get a better handle on how to protect themselves. As he put it, it’s just a “glance of what we find.” But Mador has given Business Insider an exclusive look at the wheeling and dealing of hackers inside this secretive world — check it out below. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Massive leak reveals Hacking Team’s most private moments in messy detail

http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/ By Dan Goodin Ars Technica July 6, 2015 Privacy and human rights advocates are having a field day picking through a massive leak purporting to show spyware developer Hacking Team’s most candid moments, including documents that appear to contradict the company’s carefully scripted PR campaign. “Imagine this: a leak on WikiLeaks showing YOU explaining the evilest technology on earth! :-),” Hacking Team CEO David Vincenzetti wrote in a June 8 e-mail to company employees including Walter Furlan, whose LinkedIn profile lists him as the international sales engineer of the spyware developer. “You would be demonized by our dearest friends the activists, and normal people would point their fingers at you.” Other documents suggested the US FBI was among the customers paying for software that allowed targets to be surreptitiously surveilled as they used computers or smartphones. According to one spreadsheet first reported by Wired, the FBI paid Hacking Team more than $773,226.64 since 2011 for services related to the Hacking Team product known as “Remote Control Service,” which is also marketed under the name “Galileo.” One spreadsheet column listed simply as “Exploit” is marked “yes” for a sale in 2012, an indication Hacking Group may have bundled some sort of attack code that remotely hijacked targets’ computers or phones. Previously, the FBI has been known to have wielded a Firefox exploit to decloak child pornography suspects using Tor. Security researchers have also scoured leaked Hacking Team source code for suspicious behavior. Among the findings, the embedding of references to child porn in code related to the Galileo. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Why Cyber War Is Dangerous for Democracies

http://www.theatlantic.com/international/archive/2015/06/hackers-cyber-china-russia/396812/ By MOISÉS NAÍM The Atlantic June 25, 2015 This month, two years after his massive leak of NSA documents detailing U.S. surveillance programs, Edward Snowden published an op-ed in The New York Times celebrating his accomplishments. The “power of an informed public,” he wrote, had forced the U.S. government to scrap its bulk collection of phone records. Moreover, he noted, “Since 2013, institutions across Europe have ruled similar laws and operations illegal and imposed new restrictions on future activities.” He concluded by asserting that “We are witnessing the emergence of a post-terror generation, one that rejects a worldview defined by a singular tragedy. For the first time since the attacks of Sept. 11, 2001, we see the outline of a politics that turns away from reaction and fear in favor of resilience and reason.” Maybe so. I am glad that my privacy is now more protected from meddling by U.S. and European democracies. But frankly, I am far more concerned about the cyber threats to my privacy posed by Russia, China, and other authoritarian regimes than the surveillance threats from Washington. You should be too. Around the time that Snowden published his article, hackers broke into the computer systems of the U.S. Office of Personnel Management and stole information on at least 4 million (and perhaps far more) federal employees. The files stolen include personal and professional data that government employees are required to give the agency in order to get security clearances. The main suspect in this and similar attacks is China, though what affiliation, if any, the hackers had with the Chinese government remains unclear. According to the Washington Post, “China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Report: Hack of government employee records discovered by product demo

http://arstechnica.com/security/2015/06/report-hack-of-government-employee-records-discovered-by-product-demo/ By Sean Gallagher Ars Technica June 11, 2015 As officials of the Obama administration announced that millions of sensitive records associated with current and past federal employees and contractors had been exposed by a long-running infiltration of the networks and systems of the Office of Personnel Management on June 4, they claimed the breach had been found during a government effort to correct problems with OPM’s security. An OPM statement on the attack said that the agency discovered the breach as it had “undertaken an aggressive effort to update its cybersecurity posture.” And a DHS spokesperson told Ars that “interagency partners” were helping the OPM improve its network monitoring “through which OPM detected new malicious activity affecting its information technology systems and data in April 2015.” Those statements may not be entirely accurate. According to a Wall Street Journal report, the breach was indeed discovered in April. But according to sources who spoke to the WSJ’s Damian Paletta and Siobhan Hughes, it was in fact discovered during a sales demonstration of a network forensics software package called CyFIR by its developer, CyTech Services. “CyTech, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network,” Paletta and Hughes reported. And, according to federal investigators, that malware may have been in place for over a year. US intelligence agencies have joined the investigation into the breach. But it’s still not even clear what data was accessed by the attackers. Meanwhile, the breach has triggered outrage from unions representing federal employees. In a letter to OPM Director Katherine Archuleta, American Federation of Government Employees president J. David Cox expressed displeasure at the way OPM had handled the breach, calling the 18 months of credit monitoring and $1 million liability insurance OPM is offering federal employees “entirely inadequate, either as compensation or protection from harm.” […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] This Article Was Written With the Help of a ‘Cyber’ Machine

http://www.wsj.com/articles/is-the-prefix-cyber-overused-1425427767 By DANNY YADRON and JENNIFER VALENTINO-DEVRIES The Wall Street Journal March 4, 2015 These days, CyberPatriots go to CyberCamps. Washington wonks ponder a Cyber Red Cross. Last week, the Director of National Intelligence told Congress a “cyber Armageddon” is unlikely. This week, CBS Corp. will premiere the latest iteration of its long-running cops and crime franchise, “CSI: Cyber,” whose protagonist describes herself as cybercop and is based, the network says, on a real-life cyberpsychologist. For some, it is cyber-overload. Stop using the word,” Alex Stamos, the chief information security officer at Yahoo Inc. told a “Cybersecurity for a New America” conference in Washington last week. Earlier, Mr. Stamos quipped on Twitter that he had won “CyberBingo” at his table after a conference speaker warned of a “Cyber Pearl Harbor,” a term popularized by former Defense Secretary Leon Panetta in 2012. Mr. Stamos isn’t brushing off computer intrusions in his quest to hack away at “cyber” usage. As the guy in charge of keeping prying eyes out of one of the world’s most popular websites, you could say he is obsessed with them. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Australian politicians are reportedly using top-secret messaging app Wickr

http://mashable.com/2015/03/01/australia-politicians-wickr/ By Jenni Ryall mashable.com March 1, 2015 Australian politicians are reportedly using the secret messenging app Wickr to communicate with each other on the sly. According to The Australian, Communications Minister Malcolm Turnbull and Minister for Social Services Scott ­Morrison have been using the service to communicate about their dissatisfaction with Prime Minister Tony Abbott and the ongoing leadership crisis. It follows months of speculation regarding instability within the Liberal-National Coalition Government, which culminated in a vote on whether to declare Abbott’s position vacant. That motion was defeated, but it has not quelled the rumours that members of his government are secretly pushing for a change of leadership. Wickr has a secure file-shredding feature that destroys all communication on your device and claims it has “military-grade encryption.” On the app’s website, the company claims that no conversations can be tracked or monitored using the app, which may mean that The Australian received a tip regarding the top-secret communications between the two politicians. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] How hackers could attack hard drives to create a pervasive backdoor

http://arstechnica.com/information-technology/2015/02/how-hackers-could-attack-hard-drives-to-create-a-pervasive-backdoor/ By Sean Gallagher Ars Technica Feb 18, 2015 News that a hacking group within or associated with the National Security Agency compromised the firmware of hard drive controllers from a number of manufacturers as part of a 14-year cyber-espionage campaign has led some to believe that the manufacturers were somehow complicit in the hacking—either by providing source code to controller firmware or other technical support. But it’s long been established that hard drive controllers can be relatively easily reverse-engineered without any help from manufacturers—at least, without intentional help. Despite keeping hardware controller chip information closed, hard drive manufacturers’ use of standard debugging interfaces makes it relatively simple to dump their firmware and figure out how it works—even inserting malicious code that can trigger specific behaviors when files are accessed. Reverse-engineering it to the point of creating a stable alternative set of firmware for multiple vendors’ hard disk controllers that also includes persistent malware, however, is a significant feat of software development that only the most well-funded attacker could likely pull off on the scale that the “Equation group” achieved. Hard drive controller boards are essentially small embedded computers unto themselves—they have onboard memory, Flash ROM storage, and a controller chip that is essentially a custom CPU (usually based on the ARM architecture). They also generally have diagnostic serial ports, or other interfaces on the board, including some based on the JTAG board debugging interface. Using software such as Open On Chip Debugger (OpenOCD), you can even dump the “bootstrap” firmware from the controller and analyze it with an ARM disassembler. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] BMW patches security flaw that could have allowed hackers to unlock car doors

http://mashable.com/2015/02/03/bmw-connecteddrive-locks/ By Rex Santus Mashable.com 2/3/2015 BMW has mended a security flaw in its ConnectedDrive car connectivity system that affected 2.2 million cars, including Rolls-Royce and Mini cars, the company announced on Friday. It concerned software in the car that would have allowed hackers to open car doors. It highlights a oft-voiced concern around connected home products — sometimes called the Internet of Things — that household items would become vulnerable to malware or hacking. The update happens automatically, as soon as the vehicle connects to BMW’s servers, and includes the addition of HTTPS — the secure version of hypertext transfer protocol — to data transmissions via the ConnectedDrive system. A German automobile group called ADAC discovered the security flaw last year, opting to wait to disclose the discovery until BMW worked out a fix. The flaw has not been used in any attempted cyberattacks, according to both ADAC and BMW. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail