Tuesday, March 24, 2020

What I am reading 3/24/2020

Books -

Network Forensics Tracking Hackers Through Cyberspace

Blogs / News - 

Help Net Security - Widely available ICS attack tools lower the barrier for attackers -
“As ICS are a distinct sub-domain to information and computer technology, successful intrusions and attacks against these systems often requires specialized knowledge, establishing a higher threshold for successful attacks. Since intrusion and attack tools are often developed by someone who already has the expertise, these tools can help threat actors bypass the need for gaining some of this expertise themselves, or it can help them gain the requisite knowledge more quickly,” FireEye researchers point out.
Cyberscoop - Kaspersky finds a new APT campaign targeting engineers in the Middle East -
A mysterious set of hackers last year began a targeted campaign to breach industrial organizations in the Middle East, antivirus firm Kaspersky said Tuesday.
Attackers have sought to breach engineers, particularly in a single, unnamed Middle Eastern country, adding to a long history of cyber operations in the region. They’re relying on a strain of malicious software that’s tailored for espionage, and does not appear to match any code the researchers have seen before. Exactly who is behind the effort remains unclear.
CNN - China to lift lockdown on Wuhan, ground zero of coronavirus pandemic -
China has announced it will lift the lockdown on Wuhan, the city at the epicenter of the coronavirus pandemic, on April 8, marking a significant milestone in its battle against the deadly outbreak.
...
The easing of travel restrictions follows a significant reduction in new infections in Hubei, with new cases dropping to zero for five consecutive days from March 19 -- down from thousands of daily new cases at the height of the epidemic in February. On Tuesday, the province reported one new case in Wuhan, a doctor at the Hubei General Hospital.
Stratechery - Compaq and Coronavirus -
That was taken by me, outside of my apartment building; apparently one of my neighbors just returned from America and the police were checking on his home quarantine. In fact, look more closely at what Taiwan has done to contain SARS-CoV-2 to-date — you can reframe everything in a far more problematic way:
  • Restrict international movement and close borders (including banning all non-resident foreigners this week)
  • Integrate and share private data across government agencies and with hospitals.
  • Track private individual movements via their smartphones.
Even the mask production I praised required requisitioning private property by the government, and the refusal of local businesses to serve customers without masks or insist on taking their temperature is probably surprising to many in the West.
And yet, life here is normal. Kids are in school, restaurants are open, the grocery stores are well-stocked. I would be lying if I didn’t admit that the rather shocking assertions of government authority and surveillance that make this possible, all of which I would have decried a few months ago, feels pretty liberating even as it is troubling. We need to talk about this!
DefCon Forums - Book Club

Yahoo - With China gunning for aircraft carriers, US Navy says it must change how it fights -
Just because China might be able to hit U.S. Navy aircraft carriers with long-range anti-ship missiles doesn’t mean carriers are worthless, the service’s top officer said Thursday.
The chorus of doom and gloom over China’s anti-access weapons is too simplistic, Chief of Naval Operations Adm. Michael Gilday said, but that doesn’t mean the Navy should refrain from adjusting the way it fights.
“Let’s look at this like a physics problem,” Gilday proposed. “[People will say]: ‘Hypersonics go really fast and they travel at long ranges. Carriers can only travel [‘X’ distance], so carriers are going to have to go away.’ That’s a very simplistic way to look at the problem.
Github - An introduction to Python and programming for wanna-be data scientists

ZDNet - Microsoft warns of Windows zero-day exploited in the wild -
The zero-day is located in the Adobe Type Manager Library (atmfd.dll), a library that Microsoft uses to render PostScript Type 1 fonts inside Windows.
Microsoft says there are two remote code execution (RCE) vulnerabilities in this built-in library that allow attackers to run code on a user's system and take actions on their behalf.
