Tag Archives: October

[ISN] Word up: BlackEnergy SCADA hackers change tactics

www.theregister.co.uk/2016/01/28/blackenergy_tv_station_attack/

By John Leyden
The Register
28 Jan 2016

A new BlackEnergy spear-phishing campaign is targeting more Ukrainian firms, including a television channel. A spear-phishing document found by Kaspersky Lab analysts mentions the far-right Ukrainian nationalist political party “Right Sector” and appears to have been used in an attack against a popular television channel in Ukraine. Ukrainian TV station “STB” was previously named as a victim of the BlackEnergy Wiper attacks in October 2015. The Russian-speaking BlackEnergy APT group are notoriously blamed for malware-based attacks against utilities that led to short power outages in the days before Christmas. The BlackEnergy APT group has been actively using spear-phishing emails carrying malicious Excel documents with macros to infect computers in a targeted network since the middle of last year. However, in January this year, Kaspersky Lab researchers discovered a new malicious document which infects the system with a BlackEnergy Trojan. Unlike the Excel documents used in previous attacks, this was a Microsoft Word document. […]





[ISN] Hacked at sea: Researchers find ships’ data recorders vulnerable to attack

arstechnica.com/information-technology/2015/12/hacked-at-sea-researchers-find-ships-data-recorders-vulnerable-to-attack/

By Sean Gallagher
Ars Technica
Dec 10, 2015

When the freighter El Faro was lost in a hurricane on October 1, one of the goals of the salvage operation was to recover its voyage data recorder (VDR)—the maritime equivalent of the “black box” carried aboard airliners. The VDR, required aboard all large commercial ships (and any passenger ships over 150 gross tons), collects a wealth of data about the ship’s systems as well as audio from the bridge of the ship, radio communications, radar, and navigation data. Writing its data to storage within a protective capsule with an acoustic beacon, the VDR is an essential part of investigating any incident at sea, acting as an automated version of a ship’s logbook.

Sometimes, that data can be awfully inconvenient. While the data in the VDR is the property of the ship owner, it can be taken by an investigator in the event of an accident or other incident—and that may not always be in the ship owner’s (or crew’s) interest. The VDRs aboard the cruise ship Costa Concordia were used as evidence in the manslaughter trial of the ship’s captain and other crewmembers. Likewise, that data could be valuable to others—especially if it can be tapped into live.

It turns out that some VDRs may not be very good witnesses. As a report recently published by the security firm IOActive points out, VDRs can be hacked, and their data can be stolen or destroyed. The US Coast Guard is developing policies to help defend against “transportation security incidents” caused by cyber-attacks against shipping, including issuing guidance to vessel operators on how to secure their systems and reviewing the design of required marine systems—including VDRs. That’s promising to be a tall order, especially taking the breadth of systems installed on the over 80,000 cargo and passenger vessels in the world.
And given the types of criminal activity recently highlighted by the New York Times’ “Outlaw Ocean” reports, there’s plenty of reason for some ship operators to not want VDRs to be secure—including covering up environmental issues, incidents at sea with other vessels, and sometimes even murder. […]



[ISN] DHS Contract Expands Anti-Hacker EINSTEIN Protection to Every Agency

www.nextgov.com/cybersecurity/2015/12/dhs-contract-expands-anti-hacker-einstein-protection-every-agency/124308/

By Aliya Sternstein
Nextgov.com
December 8, 2015

Internet Service Provider CenturyLink has won a multiyear contract worth up to $10.8 million dollars to fill gaps in a governmentwide firewall, according to the Department of Homeland Security. The deal was inked to complete a goal of making so-called EINSTEIN 3A network protections available to all civilian agencies by Dec. 31, a DHS official told Nextgov on Tuesday. It also conforms to a sweeping cyber shape-up plan the White House launched in October, following an Office of Personnel Management hack that exposed background check records on 21.5 million Americans applying for access to classified materials and their families. Right now, EINSTEIN 3A’s intrusion-blocking services are only offered to agencies receiving telecommunications services from CenturyLink, AT&T or Verizon. Agencies that connect to the Internet through Sprint, Level 3 or other providers are not protected. […]



[ISN] Iran said to step up cyber-attacks on US officials

www.timesofisrael.com/iran-said-to-step-up-cyber-attacks-on-us-officials/

BY TIMES OF ISRAEL STAFF
November 5, 2015

Iranian regime hackers have reportedly been targeting US officials involved in formulating American policy toward Tehran. The cyber warfare unit of the Iranian Revolutionary Guard Corps, an Iranian military force separate from the main and close to the regime’s supreme leader, Ayatollah Ali Khamenei, has engaged in a “flurry” of hacking efforts against the email and social-media accounts of senior officials in the Obama administration, The Wall Street Journal reported Wednesday. That surge has included policymakers at the US State Department’s Bureau of Near Eastern Affairs and Bureau of Iranian Affairs, the report said, citing unnamed American officials. Academics and journalists linked to Iranian issues were also targeted. The timing of the hacks may be linked to the October arrest in Iran of the Iranian-American dual citizen Siamak Namazi, an advocate of normalization, and to a broader battle analysts believe is taking place within the Iranian regime over fears by hardliners close to Khamenei that the nuclear deal reached with world powers in July could herald liberalization and a warming of ties with the West. […]



[ISN] Canberra APS worker jailed for leaking ‘top secret’ documents

www.canberratimes.com.au/act-news/canberra-aps-worker-jailed-for-leaking-top-secret-documents-20151104-gkr7tz.html

By Michael Inman
COURTS REPORTER FOR THE CANBERRA TIMES
November 5, 2015

A former junior Defence bureaucrat has been jailed for uploading secret information online. But Australia’s former army chief, Peter Leahy, says Michael Scerba should have been locked up for longer for his “self-indulgent and selfish” security breach. Justice Richard Refshauge on Thursday sentenced Scerba, 24, to one year jail for disclosing secret information. Scerba will serve three months behind bars, with the remainder of the sentence suspended upon signing a good behaviour order and a $500 security bond. He will be released in February. Scerba pleaded guilty in the ACT Supreme Court to posting a secret Defence Intelligence Organisation report to image sharing website 4chan in October 2012. […]



[ISN] A New Material Promises NSA-Proof Wallpaper

www.defenseone.com/technology/2015/10/new-material-promises-nsa-proof-wallpaper/123066/

By PATRICK TUCKER
defenseone.com
OCTOBER 23, 2015

Your next tinfoil hat won’t be made of tinfoil. A small company called Conductive Composites out of Utah has developed a flexible material — thin and tough enough for wallpaper or woven fabric — that can keep electronic emissions in and electromagnetic pulses out.

There are a few ways to snoop on electronic communications. You can hack into a network or you can sniff out radio emissions. If you want to defend against the latter, you can enclose your electronic device or devices within a structure of electrically conductive (probably metallic) material. The result is something like a force field. The conductive material distributes the electromagnetic energy away from the target in every direction — think of the *splat* you get when you hurl a tomato at a wall. These enclosures are sometimes called Faraday cages after the 18th-century British scientist who discovered electrolysis.

Today, Faraday cages are all over the place. In 2013, as the College of Cardinals convened to elect a new Pope, the Vatican’s Sistine Chapel was converted into a Faraday cage so that news of the election couldn’t leak out, no matter how hard the paparazzi tried, and how eager the cardinals were to tweet the proceedings. The military also uses Faraday cages for secure communications: Sensitive Compartmented Information Facilities or SCIFs are Faraday cages. You’ll need to be in one to access the Joint Worldwide Intelligence Communication System, or JWICS, the Defense Department’s top-secret internet.

Conductive Composites has created a method to layer nickel on carbon to form a material that’s light and moldable like plastic yet can disperse energy like a traditional metal cage. […]



[ISN] Failure to update software left Naperville computers vulnerable: report

www.chicagotribune.com/suburbs/naperville-sun/news/ct-nvs-naperville-computer-hack-st-1025-20151023-story.html

By Geoff Ziezulewicz
Naperville Sun
October 24, 2015

Hackers were able to break into Naperville’s computer network in an unprecedented 2012 cyberattack because of a vulnerability in the city’s Web software that had not been patched, even though an alert and update had been released roughly a month earlier, according to a Naperville police report. While city hall has declined Freedom of Information requests for some records from the attack that crippled its computer system for weeks, the narrative in the police report offers previously undisclosed details. Investigating the incident and beefing up the town’s cyber defenses has cost Naperville about $760,000, though cyber security experts say the hack used very basic, off-the-shelf tools to infiltrate Naperville’s computer network. “It’s a type of attack that is very common,” said John Miller, a cybercrime analyst with iSIGHT Partners, a global cyberthreat intelligence firm. “Nonetheless, it still has the potential to be very damaging.” […]



[ISN] Apple fixes 49 security bugs in iOS 9.1; kills jailbreak

www.zdnet.com/article/apple-fixes-security-bugs-in-ios-9-1-kills-jailbreak/

By Zack Whittaker
Zero Day
ZDNet.com
October 21, 2015

Apple has fixed 49 separate security vulnerabilities in iOS 9.1. The company, which released the software on Wednesday for iPhones and iPads, detailed the flaws in its updated security documentation. Two of the fixes were credited to PanguTeam, a well-known jailbreak team based out of China, which earlier this month released the first jailbreak tool for devices running iOS 9. Jailbreaking (similar to “rooting” for Android phones) allows a user to gain access to more features on an iPhone or iPad, but it comes with additional security risks. It’s not illegal but it will void a user’s warranty. Apple said a heap-based buffer overflow issue could allow a malicious app “to elevate privileges,” similar to how jailbreaking works. Another flaw allows a malicious app to exploit a memory corruption issue to “execute arbitrary code with kernel privileges,” which Apple said it fixed with improved memory handling. […]

