Friday, March 27, 2020

What I'm Reading 3/27/2020 - More APT fun

Books -

Network Forensics Tracking Hackers Through Cyberspace

Wired for War: The Robotics Revolution and Conflict in the 21st Century

Blogs / News -

Threatpost - Emerging APT Mounts Mass iPhone Surveillance Campaign -
A recently discovered, mass-targeted watering-hole campaign has been aiming at Apple iPhone users in Hong Kong – infecting website visitors with a newly developed custom surveillance malware. The bad code – the work of a new APT called “TwoSail Junk” – is delivered via a multistage exploit chain that targets iOS vulnerabilities in versions 12.1 and 12.2 of Apple’s operating system, according to researchers.
As I read it, Kaspersky believes this APT is Chinese in origin, with ties to other older Chinese APTs.

SEL Inc - Solving Performance and Cybersecurity Challenges in Substation and Industrial Networks With Software-Defined Networking -

Academic paper but interesting

Wired - An Elite Spy Group Used 5 Zero-Days to Hack North Koreans -
Cybersecurity researchers at Google's Threat Analysis Group revealed on Thursday that an unnamed group of hackers used no fewer than five zero-day vulnerabilities, or secret hackable flaws in software, to target North Koreans and North Korea-focused professionals in 2019. The hacking operations exploited flaws in Internet Explorer, Chrome, and Windows with phishing emails that carried malicious attachments or links to malicious sites, as well as so-called watering hole attacks that planted malware on victims' machines when they visited certain websites that had been hacked to infect visitors via their browsers.
Google declined to comment on who might be responsible for the attacks, but Russian security firm Kaspersky tells WIRED it has linked Google's findings with DarkHotel, a group that has targeted North Koreans in the past and is suspected of working on behalf of the South Korean government.
Art of Manliness - How to Clean Your Entire House in 30 Minutes

Medium - The five pillars of cyber security -
Protecting our critical infrastructure is essential. Such is our reliance on the efficient supply of power that any loss of electricity would carry heavy implications for a wide range of vital services. The new IEC report advocates using a risk-based systems approach founded on best practices, as well as the ability to demonstrate the effective and efficient implementation of the security measures. This means combining the right international standards with conformity assessment to assess the components of the system, the competencies of the people designing, operating and maintaining it, and the processes and procedures used to run it. In a world where cyber threats are becoming increasingly common, being able to apply a specific set of international standards combined with a dedicated and worldwide certification programme, is a proven and highly effective approach to ensuring long-term cyber resilience.
Wired - The Secret History of a Cold War Mastermind -
That alternative plan is at the core of the legend of Gus Weiss. The best-known version of the tale goes like this: High up on the Soviet tech shopping list was software to regulate the pressure gauges and valves for the critical Siberian gas pipeline. According to Tim Weiner’s Legacy of Ashes, the Soviets sought the software on the open market. American export controls prohibited its sale from the US. However, a small industrial software company located in Calgary called Cov-Can produced what the Soviets wanted. As Weiner writes, “The Soviets sent a Line X officer to steal the software. The CIA and the Canadians conspired to let them have it.”
The faulty software “weaved” its way through Soviet quality control. The pipeline software ran swimmingly for months, but then pressure in the pipeline gradually mounted. And one day—the date remains unclear, though most put it in June 1982—the software went haywire, the pressure soaring out of control. The pipeline ruptured, igniting a blast in the wilds of Siberia so massive that, according to Thomas C. Reed’s At the Abyss, “at the White House, we received warning from our infrared satellites of some bizarre event out in the middle of Soviet nowhere. NORAD feared a missile liftoff from a place where no rockets were known to be based. Or perhaps it was the detonation of a nuclear device. The Air Force chief of intelligence rated it at three kilotons.”
The pipeline explosion is said to have cost Moscow tens of millions of dollars it could ill afford to waste.
The Gus Weiss Monograph mentioned in the article is here