[ISN] Chinese Hackers Suspected in Cyber Attack on Council on Foreign Relations

http://freebeacon.com/chinese-hackers-suspected-in-cyber-attack-on-council-on-foreign-relations/

By Bill Gertz
Washington Free Beacon
December 27, 2012

Computer hackers traced to China carried out an advanced cyberespionage attack against one of America’s most elite foreign policy web groups — the website of the Council on Foreign Relations (CFR). According to private computer-security forensic specialists, the hacking incident involved a relatively new type of ploy called a “drive-by” website cyber attack that was detected around 2:00 p.m. on Wednesday. The specialists, who spoke on condition of anonymity, said the attack involved penetrating the computer server that operates the New York City-based CFR’s website and then using the pirated computer system to attack CFR members and others who visited or “drove by” the site. The activity ended on Thursday and the specialists believe the attackers either removed their malicious software to prevent further details of the attack from being discovered, or CFR was able to isolate the software and remove it. […]
______________________________________________ Visit the InfoSec News Security Bookstore Best Selling Security Books and More! http://www.shopinfosecnews.org




[ISN] MI6 spy found dead in bag ‘DID lock himself in holdall’ say police as they claim codebreaker was responsible for his own death

http://www.dailymail.co.uk/news/article-2253606/MI6-spy-dead-bag-DID-lock-holdall-say-police-claim-codebreaker-responsible-death.html

By Hugo Gye
Mail Online
27 December 2012

The MI6 codebreaker who was found dead inside a holdall probably locked himself inside the bag, according to police. An inquest into the death of Gareth Williams found that he could have been the victim of foul play, as the coroner expressed doubts that he could have locked the bag himself. However, Scotland Yard detectives investigating the case discovered that it is possible to lock the type of holdall he was found in from the inside, and now say it is likely that no one else was involved in Mr Williams’ death. The body of the codebreaker, who was on secondment to MI6 from GCHQ, was discovered in a bathtub in his flat in Pimlico, central London, in August 2010. […]


[ISN] Shin Bet allows sneak peek at new cyber warfare unit

Forwarded from: Simon Taplin

http://www.ynetnews.com/articles/0,7340,L-4322499,00.html

By Ronen Bergman
Ynetnews
12.20.12

Iran is actively trying to hack Israel’s critical online systems, the head of the Shin Bet’s new SIGINT (Signals Intelligence) unit told Yedioth Ahronoth in an exclusive interview. The Israel Security Agency officials said that aside from the hundreds of thousands of low-grade cyber attacks by Islamist hackers, who try to breach Israel’s cyber infrastructure on a daily basis, the past three years have seen a “single-digit number” of high-grade attacks. “High-grade attacks” are highly sophisticated cyber-assaults which usually indicate government-level involvement; and target critical infrastructure. When these attempted cyber attacks were detected, the Shin Bet’s teams were called to immediately see to the targeted servers. […]


[ISN] Korea

http://koreajoongangdaily.joinsmsn.com/news/article/Article.aspx?aid=2964605

By Han Yeong-ik
Korea JoongAng Daily
Dec 28, 2012

The end of the line for a famed fugitive Korean hacker surnamed Shin came in mid-December, when police in the Philippines found him in Batangas Province, led to him by the earlier arrest of one of his accomplices. Shin, 39, who became famous for hacking the servers of Hyundai Capital in the first half of 2011, was repatriated to Korea Dec. 14 and is being investigated for hacking. His history is virtually the history of hacking corporations for fun and profit in Korea. Shin originally wanted to become a pop singer, and started to learn about computer hacking as a hobby starting in 2000. […]


[ISN] Iranian official disputes report that power station was hit by virus attack

http://www.computerworld.com/s/article/9235039/Iranian_official_disputes_report_that_power_station_was_hit_by_virus_attack

By Peter Sayer
IDG News Service
December 26, 2012

A power station in the south of Iran has been hit by a cyberattack, an Iranian news agency reported Tuesday, citing a local civil defense official. But now agency and official are in dispute over whether he really made the remarks. The Iranian Students News Agency (ISNA) initially reported that cyberattackers had struck industrial infrastructure in the southern province of Hormuzgan, which overlooks the Straits of Hormuz. The widely circulated report quoted Ali Akbar Akhavan as saying in a news conference that a virus had penetrated some manufacturing industries in Hormuzgan province, but that skilled hackers had helped halt its progress, according to a translation of the ISNA report published by Agence France Presse. The attack, targeting Bandar Abbas Tavanir Co., an electrical utility, among other installations, had happened in the past few months and was “Stuxnet-like,” the AFP report quoted Akhavan as saying. […]


[ISN] Poor SCADA security will keep attackers and researchers busy in 2013

http://www.computerworld.com/s/article/9234968/Poor_SCADA_security_will_keep_attackers_and_researchers_busy_in_2013

By Lucian Constantin
IDG News Service
December 21, 2012

An increasing number of vulnerability researchers will focus their attention on industrial control systems (ICS) in the year to come, but so will cyberattackers, security experts believe. Control systems are made up of supervisory software running on dedicated workstations or servers and computer-like programmable hardware devices that are connected to and control electromechanical processes. These systems are used to monitor and control a variety of operations in industrial facilities, military installations, power grids, water distribution systems and even public and private buildings. Some are used in critical infrastructure — the systems that large populations depend on for electricity, clean water, transport, etc. — so their potential sabotage could have far-reaching consequences. Others, however, are relevant only to their owners’ businesses and their malfunction would not have widespread impact. The security of SCADA (supervisory control and data acquisition) and other types of industrial control systems has been a topic of much debate in the IT security industry since the Stuxnet malware was discovered in 2010. […]


[ISN] Anonymous a threat to critical infrastructure? Expert says no

http://www.canada.com/news/national/Anonymous+threat+critical+infrastructure+Expert+says/7734843/story.html

By Jordan Press
Postmedia News
December 21, 2012

OTTAWA — One year ago, three federal security agencies focused their eyes on Anonymous. One labelled the collective the modern face of hacktivism. Another warned Anonymous could soon have the ability to take down critical infrastructure such as water systems and the electricity grid. The reports were written at a time when it was easier to study and understand how members of the collective operated. A year later, Anonymous members have gone deeper underground. The arrest of Jeremy Hammond, who faces life in prison for his alleged role in leaking credit card information and internal emails from security firm Strategic Forecasting Inc., and the hacker-turned-informant Hector Xavier Monsegur, have forced hacker groups that form part of the Anonymous collective to become “more scattered and secretive,” said Gabriella Coleman, an international expert on Anonymous from McGill University. “They’re the type of phenomena that can slip away, vanish and recede,” Coleman said. “On the other hand, everything is in place for other strong strings of attacks because it doesn’t take long to bring them (anons) into being.” […]

[ISN] Report: U.S., Israel Fingered In Latest Data-Annihilation Attack

http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240145251/report-u-s-israel-fingered-in-latest-data-annihilation-attack.html

By Kelly Jackson Higgins
Dark Reading
Dec 21, 2012

Remember that rudimentary data-wiping malware found on a few computers in Iran this month? Most security experts pegged it as a simple, unsophisticated copycat of more sophisticated data-destruction malware attacks. But in the latest twist, Industrial Safety and Security Source reported this week that the malware was courtesy of a U.S.-Israel attack, citing unnamed CIA sources who also say the attacks preceded the August Shamoon attack that hit Saudi Aramco and Iran’s oil ministry. Security researchers are unconvinced, however, noting that malware attribution—especially when it comes to espionage and sabotage—is difficult. And Chester Wisniewski, a senior security adviser for Sophos who has studied the so-called Batchwiper/GrooveMonitor attack, says it’s “highly unlikely” that a CIA official would confirm such an attack if it were true. The real problem is “attribution obfuscation,” says Roel Schouwenberg, senior researcher for global research and analysis at Kaspersky Lab. “Following Shamoon, I stated we’d likely start seeing a trend where supposed nation-state malware would become more simplistic. Only top teams can develop top malware, such as Stuxnet and Flame. So it’s quite clear what type of entity is likely behind it. Simplistic attacks can come from anyone,” he says. […]