Cyber SA from the Queensland Police Cyber Crime & Fraud Symposium…

Good day from Queensland Australia;

Today your are receiving Cyber SA from the 2013 Queensland Police Cyber Crime & Fraud Symposium…

Heard a variety of scintillating cyber fraud case histories from international law enforcement today as the 2013 Queensland Police Cyber Crime & Fraud Symposium Day One kicked off…other topics presented included data breach handling and online reputation remediation suggestions from some of Australia’s cyber duty experts in the field…

Enjoy today edition, albeit abbreviated, of Cyber Situational Awareness!

People’s Republic of Corruption Control…Discipline bodies launch website Globaltimes.cn |
The Central Commission for Discipline Inspection (CCDI) of the Communist Party of China (CPC) and theMinistry of Supervision on Monday jointly opened an official website, offering the public a new online channel to report corrupt officials
http://www.globaltimes.cn/content/808182.shtml#.UiWHQmSG1JE
People’s Republic of China’s quest for world-beating brand held back by regime
http://wanderingchina.org/2013/09/03/chinas-quest-for-world-beating-brand-held-back-by-regime-guardian-risingchina-branding/
Jiang Jiemin removed from office: authority – People’s Daily Online
http://english.peopledaily.com.cn/90785/8387285.html
Yahoo Kills Chinese Services
http://www.techweekeurope.co.uk/news/yahoo-pulling-out-of-china-126178
Targeted Attacks Deliver Disassembled Malware |
http://www.symantec.com/connect/blogs/targeted-attacks-deliver-disassembled-malware

Chinese look for greater influence in UK nuclear programme
http://www.powerengineeringint.com/articles/2013/09/chinese-look-for-greater-influence-in-uk-nuclear-programme.html
People’s Republic of China’s Lenovo CEO to Share $3 Million Bonus With 10,000 Employees The Diplomat |
http://thediplomat.com/tech-biz/2013/09/03/lenovo-ceo-to-share-3-million-bonus-with-10000-employees/
People’s Republic of China-Russia Ties Deepen
http://thediplomat.com/china-power/china-russia-ties-deepen/

Citadel Makes a Comeback, Targets Japan Users |
http://blog.trendmicro.com/trendlabs-security-intelligence/citadel-makes-a-comeback-targets-japan-users/
Fraud and ATM attacks hit Germany hard
http://www.net-security.org/secworld.php?id=15495
Learning From One of the Most Successful Industry Verticals — Cybercrime
http://hacksurfer.com/amplifications/253-learning-from-one-of-the-most-successful-industry-verticals-8212-cybercrime

The TAO of NSA
http://www.net-security.org/secworld.php?id=15500&
NSA tops up exploit pool with $25m in ‘grey market‘ vulnerabilities
http://www.cso.com.au/article/525241/nsa_tops_up_exploit_pool_25m_grey_market_vulnerabilities_/
Cyber Warfare: Government-Endorsed Surveillance
http://www.ibtimes.co.uk/special-reports/3338/cyber-warfare-government-endorsed-surveillance.html
More illegal NSA spying activities leaked – Xinhua | English.news.cn
http://news.xinhuanet.com/english/world/2013-09/02/c_132684366.htm

Semper Fi,

謝謝,
紅龍!

Cyber SA ~ Queensland, Australia 2400Z1SEP2013

Good day from Queensland , Australia…

Today’s cyber SA greeted the Red Dragon with a notification that his name had been used in a targeted hacking attack…data breach and data loss resulted…and BTW ‘check your travel arrangements for compromise’ as your records were violated digitally…yikes!

Nonetheless – much more in today’s issue of Cyber SA for you to enjoy…

US cyber attacks ‘targeted Russia, People’s Republic of China, Iran and North Korea’
http://www.news.com.au/technology/us-cyber-attacks-targeted-russia-china-iran-and-north-korea-according-to-washington-post/story-e6frfro0-1226708363415?f

Taiwan probes HTC staff over theft of trade secrets…destination: People’s Republic of China
http://www.scmp.com/news/china/article/1300866/taiwan-probes-htc-staff-over-secrets-theft
Cyber Kleptomaniacs: Why the People’s Republic of China Steals Our Secrets
http://www.worldaffairsjournal.org/article/cyber-kleptomaniacs-why-china-steals-our-secrets
Three HTC Employees Suspected Of Selling Design Secrets To People’s Republic of China
http://www.businessinsider.com.au/three-htc-employees-suspected-of-selling-design-secrets-to-china-2013-8?
“People’s Republic of China actively engaging in kinetic & directed -energy based weapons systems…

China Studying as US launches new rocket carrying spy satellite – SCI_TECH – Globaltimes.cn
http://www.globaltimes.cn/content/807212.shtml#.UiPF_2SG1JE
China Studies: US sends new military satellite into orbit – SCI_TECH – Globaltimes.cn
http://www.globaltimes.cn/content/802482.shtml#.UiPGEmSG1JE

People’s Republic of Cyber Espionage … Xi’an Couple Jailed for Selling Hi-Technology State Secrets
http://www.militaryy.cn/html/52/n-93052.html

People’s Republic of China’s War On Online Gossip Is Starting To Get Scary
http://www.businessinsider.com.au/china-is-waging-a-war-on-online-rumors-2013-8?
People’s Republic of China’s “seven base lines” for a clean internet
http://cmp.hku.hk/2013/08/27/33916/
Canadian fellow tracks China’s censored words
http://www.cbc.ca/news/canada/toronto/story/2013/08/29/toronto-university-munk-school-sina-weibo-censor.html
Netizens & companies behind People’s Republic of China’s $39 billion search engine market (INFOGRAPHIC)
http://www.techinasia.com/china-39-billion-dollar-search-engine-market-in-2013/?
Chinese “black PR” firm controlled hundreds of verified Weibo users, raked in millions
http://www.techinasia.com/chinese-black-pr-firm-controlled-hundreds-verified-weibo-users-raked-millions/?
An Inside Look at the People’s Republic of China’s Censorship Tools
http://blogs.wsj.com/chinarealtime/2013/08/30/an-inside-look-at-chinas-censorship-tools/?
Top microbloggers must well handle discourse power – People’s Daily Online
http://english.peopledaily.com.cn/90782/207872/8385107.html

Beijing security expert calls for greater openness and transparency in Xinjiang
Says Chinese Government should stop information blockades…

http://www.scmp.com/news/china/article/1301450/beijing-security-expert-calls-greater-openness-and-transparency-xinjiang
Attack on rumours a step backwards for transparency in People’s Republic of China
http://www.scmp.com/news/china/article/1301448/attack-rumours-step-backwards-transparency

China investigating corruption allegations against state asset regulator Jiang Jiemin
A move to bring down Zhou Yongkang, the widely-feared former head of China’s security apparatus, has claimed the scalp of one of his senior lieutenants, the former chairman of the giant oil monopoly China National Petroleum Company (CNPC)

http://www.telegraph.co.uk/news/worldnews/asia/china/10278672/China-investigating-corruption-allegations-against-state-asset-regulator-Jiang-Jiemin.html
People’s Republic of China’s Army Day Coverage Stresses Winning Battles with “Dream of a Strong Military”
http://www.jamestown.org/programs/chinabrief/single/?tx_ttnews%5Btt_news%5D=41300&cHash=d9441328a6f257f9f39db71ae6815333#.UiOh3WSG1JE

Mesh networks can help Asia avoid censorship and recover from disasters
http://www.techinasia.com/mesh-networking-asia-avoid-censorship-recover-disasters/?

First free, public malware database launched in Taiwan|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130831000004&cid=1103

People’s Republic of China’s Huawei spokesman tells Intelligence Committee chair to ‘stow it’
http://www.bizjournals.com/sanjose/news/2013/08/30/huawei-spokesman-tells-intelligence.html
People’s Republic of China’s ZTE steps up lobbying after spy fears block US contracts
http://www.scmp.com/business/china-business/article/1300810/zte-steps-lobbying-after-spy-fears-block-us-contracts
EXCLUSIVE TEST: People’s Republic of China’s Huawei switch: Good first effort
http://www.itworld.com/networking/371054/exclusive-test-huawei-switch-good-first-effort
People’s Republic of China’s quest for world-beating brand held back by regime
OP Middle Kingdom…

http://www.theguardian.com/business/2013/sep/01/chinese-brands-thinking-west
Corrupt, anonymous and in thrall to the party – People’s Republic of China is not the new Japan
http://www.theguardian.com/world/2013/sep/01/china-japan-corrupt-anonymous-party
People’s Republic of China Pakistan pledge to further boost military ties Lastupdate:- Sun, 1 Sep 2013 18:30:00
http://www.greaterkashmir.com/news/2013/Sep/1/china-pakistan-pledge-to-further-boost-military-ties-68.asp
Policy resolves foreigners’ visa extension issue: China
http://www.chinapost.com.tw/china/national-news/2013/09/01/387847/Policy-resolves.htm
People’s Republic of China Moves to Isolate Philippines, Japan
http://thediplomat.com/the-editor/2013/08/30/china-moves-to-isolate-philippines-japan/

An American Cyberoperations Offensive
http://www.nytimes.com/2013/09/01/world/americas/documents-detail-cyberoperations-by-us.html?
Feds plow $10 billion into “groundbreaking” crypto-cracking program
Consolidated Cryptologic Program has 35,000 employees working to defeat enemy crypto.
http://arstechnica.com/security/2013/08/feds-plow-10-billion-into-groundbreaking-crypto-cracking-program/
US Intelligence Community: The World’s 4th Largest Military?
http://thediplomat.com/flashpoints-blog/2013/08/30/us-intelligence-community-the-worlds-4th-largest-military/

Iran plays key role in global campaign against terrorism: intelligence minister
http://www.tehrantimes.com/politics/110416-iran-plays-key-role-in-global-campaign-against-terrorism-intelligence-minister
Why the U.S. Should Use Cyber Weapons Against Syria
http://www.defenseone.com/technology/2013/08/why-us-should-use-cyber-weapons-against-syria/69776/
Drums of cyber war grow louder
http://www.arabnews.com/news/463050
Syria’s largest city just dropped off the Internet
http://www.washingtonpost.com/blogs/the-switch/wp/2013/08/30/syrias-largest-city-just-dropped-off-the-internet/
Syrian Electronic Army: If U.S. Attacks ‘We Will Target All of It’
http://mashable.com/2013/08/30/syrian-electronic-army-interview/
Attacking Syria may lead to missile strikes, cyber warfare and terror attacks on US soil, warn military experts
http://www.dailymail.co.uk/news/article-2405362/Attacking-Syria-lead-terror-attacks-cyber-warfare-missile-attacks-US-soil-warn-military-experts.html

Report: Spy Agencies’ ‘Black Budget’ Reveals Intelligence Gaps : NPR
http://www.npr.org/blogs/thetwo-way/2013/08/29/216873944/report-spy-agencies-black-budget-reveals-intelligence-gaps?f
These are the companies alleged to have links to the NSA surveillance scandal
http://gigaom.com/2013/08/30/these-are-the-companies-alleged-to-have-links-to-the-nsa-surveillance-scandal/
Exclusive: Army Admits To Major Computer Security Flaw
Army’s Deputy of Cybersecurity says a security failure can allow unauthorized access to computer files. Instead of fixing it, they are telling soldiers to be more careful.

http://www.buzzfeed.com/justinesharrock/exclusive-army-admits-to-major-computer-security-flaw
NSA misused PRISM – Spied on Al Jazeera, bugged UN headquarters and used for personal spying
http://thehackernews.com/2013/08/nsa-misused-prism-spied-on-al-jazeera.html

Semper Fi ~

謝謝,
紅龍!

CYBER SA ~ 1300Z27AUG2013

Good Morning Cyber SA Fans;

Relentless reports from many countries regarding the largest DDoS attack to hit the Internet in the People’s Republic of China…say don’t they have the Cisco-powered Great Firewall? Lots of cyber SA to enjoy this Tuesday the 27th of August 2013…relish in today’s cyber news…there’s more waiting on you for tomorrow!

Enjoy!

中国互联网络信息中心 National Nodes DNS DDOS attacks suffered in the history of the largest
http://www.cnnic.net.cn/gjymaqzx/aqgg/aqggaqsj/201308/t20130826_41325.htm

People’s Republic of China Internet hit by ‘largest ever’ attack…uh oh, let loose the dogs of war…
http://www.france24.com/en/20130827-china-internet-hit-largest-ever-attack
Chinese internet hit by largest ever DDoS attack
http://www.v3.co.uk/v3-uk/news/2290946/chinese-internet-hit-by-largest-ever-ddos-attack
Chinese Internet Hit by Attack Over Weekend
http://blogs.wsj.com/chinarealtime/2013/08/26/chinese-internet-hit-by-attack-over-weekend/
People’s Republic of China’s internet hit by the country’s “largest ever” attack
http://gigaom.com/2013/08/26/chinas-internet-hit-by-the-countrys-largest-ever-attack/

Emerging markets drive Chinese browser firm UCWeb’s global expansion – Xinhua | English.news.cn
http://news.xinhuanet.com/english/sci/2013-08/24/c_132658921.htm

PLA Cavalry: Use the Beidou satellite system to good effect -…
http://english.peopledaily.com.cn/90786/8378444.html
Chinese satellite movements alarm experts
http://www.i24news.tv/en/news/international/asia-pacific/130820-chinese-satellite-movements-baffle-experts
PLA stresses goal of stronger military – People’s Daily Online
http://english.peopledaily.com.cn/90786/8377139.html
PLA command confrontation drill concludes – People’s Daily Online
http://english.peopledaily.com.cn/90786/8373718.html

Chinese shipbuilder reveals breakthrough technology – People’s Daily Online
http://english.peopledaily.com.cn/202936/8370062.html

Sina, People’s Republic of China’s answer to Twitter, enters the mobile messaging battle with its own app
http://thenextweb.com/asia/2013/08/26/sina-chinas-answer-to-twitter-enters-the-mobile-messaging-battle-with-its-own-app/
People’s Republic of China’s ‘new relationship’ trap
http://www.washingtontimes.com/news/2013/aug/26/fisher-chinas-new-relationship-trap/?
People’s Republic of China Bans a Law Professor From Classroom | Inside Higher Ed
http://www.insidehighered.com/quicktakes/2013/08/26/china-bans-law-professor-classroom
Kenya and People’s Republic of China sign $5bn deals
http://www.bbc.co.uk/news/world-africa-23768488
Australia’s mining boom rolls on for Chinese entrepreneur in the outback
http://www.reuters.com/article/2013/08/25/us-australia-mining-idUSBRE97O03R20130825
European Equipment Suppliers Win Third Of £2bn China Mobile 4G Contract
http://www.techweekeurope.co.uk/news/china-mobile-4g-european-equipment-125662?
People’s Republic of China launches its first air-to-air missile from helicopter – The Times of India
http://timesofindia.indiatimes.com/world/china/China-launches-its-first-air-to-air-missile-from-helicopter/articleshow/22063826.cms
45 Signs That the People’s Republic of China Is Colonizing America
http://wanderingchina.org/2013/08/25/45-signs-that-china-is-colonizing-america-the-american-dream-online-risingchina-colonizingamerica/

U.S. spied on UN: German weekly – Xinhua | English.news.cn
http://news.xinhuanet.com/english/world/2013-08/26/c_125242562.htm

DPRK offers mobile internet access for foreigners – Xinhua |
http://news.xinhuanet.com/english/world/2013-02/25/c_132191596.htm

Koobface worm-flinging gangster linked to pharma spam ops • The Register
http://www.theregister.co.uk/2013/08/26/koobface_carder_pharma_spam_tieup/

MoleRats Hackers Hitting Israeli Government With Poison Ivy Malware
http://www.techweekeurope.co.uk/news/molerats-attacks-israel-egypt-125668?

Semper Fi;

謝謝
紅龍

Cyber SA for 1302Z26AUG2013

Good Monday Morning Fans!

Extraordinary amount of Cyber Situational Awareness (SA) news from around the globe today!

The People’s Republic of China suffers a massive DDoS attack; Chinese military modernization of information warfare doctrine circa 2000 & 2008 – There are also stories about Russian Cybercrime; India’s cyber architecture and much other relevant good stuff to share in the variety of news posts below!

Enjoy!

People’s Republic of China suffers major DDoS attack on .cn domain
http://www.pcworld.com/article/2047427/china-suffers-major-ddos-attack-on-cn-domain.html#
People’s Republic of China’s Internet hit by biggest cyberattack in its history
http://money.cnn.com/2013/08/26/technology/china-cyberattacks/index.html?

Information Defense: An Important Part of Information Warfare…解放军报网络版-军事沙龙
This is Chinese Military (中國人民解放軍) Information Warfare (信 息战争) Doctrine Circa 2000

http://www.pladaily.com.cn/item/vote/houqing/content/7-015.htm
Chinese Military Networks also Need to Relate To Battle Strategies…网络攻防战也需讲谋略
This is Circa 2007 – 中國人民解放軍信 息作战

http://www.chinamil.com.cn/site1/xwpdxw/2007-11/06/content_1007865.htm
Cyber Warfare & the People’s Republic of China…Has the Wolf Come Yet?网络战,狼真的来了吗
This is Circa 2007 – 中國人民解放軍信 息作战

http://www.chinamil.com.cn/site1/xwpdxw/2007-11/01/content_1002668.htm
Chinese Military Active Defense: Target Enemy Critical Infrastructure信息防卫–信息化战争的重要一环
This is Chinese Military (中國人民解放軍) Information Warfare (信 息战争) Doctrine Circa 2008

http://www.chinamil.com.cn/site1/2008b/2008-06/17/content_1320115.htm

U.S., China and an unthinkable war
Both have planned for a conflict they hope to avoid.
http://www.latimes.com/opinion/commentary/la-oe-gompert-kelly-war-china-u-s–20130826,0,6126914.story?
US Navy seeks more cooperation with China in counter-piracy exercise
http://www.stripes.com/news/navy/us-navy-seeks-more-cooperation-with-china-in-counter-piracy-exercise-1.237354?
John McCain, China Trade Barbs Over Senkaku Islands
http://thediplomat.com/the-editor/2013/08/26/john-mccain-china-trade-barbs-over-senkaku-islands/?
China’s worried elites
Not since Mikhail Gorbachev began speaking of ‘Glasnost’ and ‘Perestroika’ has there been such a ferment among policy intellectuals.

http://www.upi.com/Top_News/Analysis/Walker/2013/08/26/Walkers-World-Chinas-worried-elites/UPI-48771377490260/

China IP Rights. The Lackey View.
http://www.chinalawblog.com/2013/08/china-ip-rights-the-lackey-view.html

Sinopec profits surge as China eases pricing rules
http://www.bbc.co.uk/news/business-23838922
China to investigate vice president of oil firm CNPC
http://uk.reuters.com/article/2013/08/26/uk-china-oil-cnpc-idUKBRE97P01V20130826?
China’s Military Says Pacific Rim Is American Propaganda
http://kotaku.com/chinas-military-says-pacific-rim-is-american-propagand-1196612758
PH, Vietnam hold talks to boost defense amid China tension

PH, Vietnam hold talks to boost defense amid China tension

Top Japanese firms’ classified info leaked on People’s Republic of China’s Baidu
http://www.japantimes.co.jp/news/2013/08/08/national/leading-japanese-firms-confidential-documents-leaked-on-chinese-website/

People’s Republic of China Wants to Rise Peacefully, But So What?
http://thediplomat.com/flashpoints-blog/2013/08/22/china-wants-to-rise-peacefully-but-so-what/?

The Pervasiveness of Foreign Collection Efforts via Cyber Espionage
http://ci.speartip.com/blog/bid/329389/The-Pervasiveness-of-Foreign-Collection-Efforts-via-Cyber-Espionage
Cybersecurity Expert: Assume You’re Being Attacked Right Now
http://www.crn.com/news/security/240160280/cybersecurity-expert-assume-youre-being-attacked-right-now.htm

Local man Taiwanese gets suspended sentence spying the People’s Republic of China
http://www.chinapost.com.tw/taiwan/national/national-news/2013/08/23/387135/Local-man.htm
Chinese mainland’s Internet speed ranks 98th |Industries |chinadaily.com.cn
http://www.chinadaily.com.cn/business/2013-08/16/content_16898964.htm

People’s Republic of China’s Huawei, ZTE win bulk of China Mobile’s $3 billion 4G bonanza: sources
http://www.reuters.com/article/2013/08/23/us-chinamobile-4g-idUSBRE97M02020130823
Is Taiwan’s HTC about to get acquired by People’s Republic of China’s ZTE, Lenovo or Huawei?
http://www.networkworld.com/news/2013/082213-android-roundup-273111.html
Electric carmaker Tesla hits roadblock in People’s Republic of China over trademark
Tesla will pay dearly for not havinf read of Apple’s dillemma regarding IP & Trademark registration within the People’s Republic of China…but I’m certain they hired only the best to get them to this point 🙂

http://www.reuters.com/article/2013/08/23/us-china-autos-tesla-idUSBRE97M0D920130823
Despite denials, docs show McAuliffe company asked feds to fast-track visa for investor tied to spy list
MAKING CONNECTIONS: Chinese telecommunications company like Huawei Technologies Co. “provide a wealth of opportunities for Chinese intelligence agencies to insert malicious hardware or software implants into critical telecommunications components and systems,”

http://sayanythingblog.com/entry/despite-denials-docs-show-mcauliffe-company-asked-feds-to-fast-track-visa-for-investor-tied-to-spy-list/?
Africa’s Big Brother Lives in Beijing – Is Huawei wiring Africa for surveillance? Or just for money?
http://www.foreignpolicy.com/articles/2013/07/30/africas_big_brother_lives_in_beijing_huawei_china_surveillance?page=full
U.S. Fears People’s Republic of China’s Huawei Backed Spy Network In Africa (Update) –

U.S. Fears Huawei Backed Spy Network In Africa (Update)


People’s Republic of China’s Huawei Secures $1.5 Billion Equivalent 5-year Term Loan
http://www.cellular-news.com/story/61663.php?
People’s Republic of China’s ZTE to post third quarterly profit due to cost cuts
http://www.reuters.com/article/2013/08/21/us-zte-results-idUSBRE97K0XB20130821
People’s Republic of China’s Baidu buys majority stake in group buying site Nuomi | PCWorld
http://www.pcworld.com/article/2047322/chinas-baidu-buys-majority-stake-in-group-buying-site-nuomi.html

Multinationals in China…Guardian warriors and golden eggs
The state’s crackdowns on big firms are not all about bashing foreigners

http://www.economist.com/news/business/21584045-states-crackdowns-big-firms-are-not-all-about-bashing-foreigners-guardian-warriors-and?
Volvo building two additional assembly plants in People’s Republic of China
http://www.leftlanenews.com/volvo-to-build-assembly-plants-in-china.html
Foreign Executives Need to Exercise Due Care in the People’s Republic of China
http://www.china-briefing.com/news/2013/08/23/foreign-executives-need-to-exercise-due-care-in-china.html

Xiaomi’s new funding round skyrockets valuation to $10B
http://venturebeat.com/2013/08/22/xiaomis-new-funding-round-skyrockets-valuation-to-10b/
People’s Republic of China arrests activist who campaigned about leaders’ wealth | Reuters
http://in.reuters.com/article/2013/08/23/china-dissident-idINDEE97M05520130823

Review of US surveillance programs to be led by panel of intelligence insiders
http://www.theguardian.com/world/2013/aug/22/nsa-surveillance-review-panel-insiders
US intelligence services go ‘on the record’ with new Tumblr blog
http://www.theguardian.com/world/2013/aug/22/us-intelligence-community-tumblr-surveillance
If You’ve Ever Traveled to a “Suspicious” Country, This Secret Program May Target You

If You’ve Ever Traveled to a “Suspicious” Country, This Secret Program May Target You


How an Idealistic President Embraced Cyber Espionage
http://www.huffingtonpost.com/nikolas-kozloff/how-an-idealistic-preside_b_3799193.html

Exclusive: UK’s secret Mid-East internet surveillance base is revealed in Edward Snowden leaks
http://www.independent.co.uk/news/uk/politics/exclusive-uks-secret-mideast-internet-surveillance-base-is-revealed-in-edward-snowden-leaks-8781082.html
New Study: Senior U.S. Military Schools Struggle to Include Cyber Education in Curricula
http://pellcenter.salvereginablogs.com/files/2013/08/JPME-Cyber-Leaders-Final.pdf
http://pellcenter.salvereginablogs.com/new-study-senior-u-s-military-schools-struggle-to-include-cyber-education-in-curricula/

New figures reveal extent of cybercrime risk to UK population
http://phys.org/news/2013-08-figures-reveal-extent-cybercrime-uk.html
www.cyber.kent.ac.uk/Survey1.pdf

Nasdaq outage resembles political hacker attacks – These are not the Hackers you are looking for…

Nasdaq outage resembles political hacker attacks

Serious cyber attack hits Belgian military intelligence service
http://www.mo.be/en/article/serious-cyber-attack-hits-belgian-military-intelligence-service

FEATURE-Ex-Soviet hackers play outsized role in cyber crime world
http://www.reuters.com/article/2013/08/22/russia-cybercrime-idUSL6N0G61KM20130822

German IT officials reportedly deem Windows 8 too ‘dangerous’ to use
http://bgr.com/2013/08/21/microsoft-windows-8-nsa-back-door/

Govt to chart road map to safeguard India’s cyber security…
http://www.dnaindia.com/india/1879193/report-govt-to-chart-road-map-to-safeguard-india-s-cyber-security-architecture

Semper Fi;

謝謝
紅龍

CYBER SA for 1130Z22AUG2013

Good morning Cyber Fans –

Remember Red Dragon’s rules of cyber SA and newsworthy items – with writer deadlines both Wednesday, yesterday and the weekends are when you are likely to discover & learn about the nascent and unusual from cyber land…

In today’s edition of CYBER SA we have a decent batch of cyber related stories out of the People’s Republic of China…(中國人民共和國), news of Russia’s Cyber Initiatives; Iranian Oil going to China thanks to Hillary; proof that the United Kingdom has been definitely colonized by the Chinese under the ROE for Operation Middle Kingdom; HUAWEI’s endeavors in both Poland and Indonesia..yes and the latest silliness from our own shores…

Enjoy my friends – it is only Thursday!

Chinese Ransomlock Malware Changes Windows Login Credentials |
http://www.symantec.com/connect/blogs/chinese-ransomlock-malware-changes-windows-login-credentials
Poison Ivy RAT Spotted in Three New Attacks…ties to hackers in People’s Republic of China

Poison Ivy RAT Spotted in Three New Attacks


Revamped Aumlib, Ixeshe Malware Found in New People’s Republic of China Attacks

Revamped Aumlib, Ixeshe Malware Found in New China Attacks

In global cyber war, Silicon Valley urged to take care of own
As U.S., People’s Republic of China spar over attacks, Google others told to step up.
http://www.sltrib.com/sltrib/money/56411570-79/china-security-cyber-government.html.csp

Veterans of 2001 Sino-US cyberwar become entrepreneurs
While some veterans of the Sino-US cyberwar of 2001 remain true to the ‘spirit of geeks’, many have since carved out profitable internet businesses
http://www.scmp.com/news/china/article/1298200/hackers-entrepreneurs-sino-us-cyberwar-veterans-going-straight

People’s Republic of China: ‘An economic force to be reckoned with’ | Asia | DW.DE | 21.08.2013
http://www.dw.de/china-an-economic-force-to-be-reckoned-with/a-17036412?maca=en-rss-en-all-1573-xml-atom
People’s Republic of China Takes Aim at Western Ideas
http://www.nytimes.com/2013/08/20/world/asia/chinas-new-leadership-takes-hard-line-in-secret-memo.html?_r=1&&pagewanted=all

Surrounded: How the U.S. Is Encircling People’s Republic of China with Military Bases
US military options now must counter People’s Republic of China’s Operation Middle Kingdom in Asia Pacific….
http://killerapps.foreignpolicy.com/posts/2013/08/20/surrounded_how_the_us_is_encircling_china_with_military_bases

US, People’s Republic of China still wary of each other despite military cooperation talk
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130821000115&cid=1703

People’s Republic of China’s Rise, Disputed Territories & Competition Between Major Powers In Asia-Pacific Concern For Canada And Australia – Report
http://www.eurasiareview.com/21082013-chinas-rise-disputed-territories-and-competition-between-major-powers-in-asia-pacific-concern-for-canada-and-australia-report/?

The untold truth behind the US rebalancing policy|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1703&MainCatID=17&id=20130811000079

A gap in U.S. sanctions law allows People’s Republic of China to import more Iranian oil
http://online.wsj.com/article/SB10001424127887324619504579026333611696094.html

UK’s BBC Strikes China Content Deal…agrees to OP Middle Kingdom ROE

BBC Strikes China Content Deal


People’s Republic of China media: Online rumours
http://www.bbc.co.uk/news/world-asia-china-23776560
Xinhua reveals People’s Republic of China’s ‘Area 51’ in Inner Mongolia
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1101&MainCatID=11&id=20130821000013

Security probes into foreign companies backed by People’s Republic of China’s netizens
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130821000139&cid=1101
People’s Republic of China’s Sinochem plans further investment in Brazil’s offshore oil
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130821000010&cid=1102
People’s Republic of China’s Everbright’s strategic investments keep firm afloat after errors
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130821000062&cid=1206
People’s Republic of China arrests Weibo users for “inciting public dissatisfaction with the government”
http://www.techinasia.com/china-arrests-weibo-users-inciting-public-dissatisfaction-government/?
A Chinese Wikipedia editor is banned from leaving People’s Republic of China until 2016
http://www.techinasia.com/wikipedia-china-editor-banned-from-leaving-country/?
Indonesia’s flagship airline Garuda spotted using People’s Republic of China’s AliPay
http://www.techinasia.com/garuda-indonesia-alipay/?
Apple’s iPad sees People’s Republic of China market share shrink to 28%
http://www.techinasia.com/apple-ipad-market-share-china-shrinks-to-28-percent-q2-2013/?

What Is the People’s Republic of China Unable To Make?
http://www.ibtimes.com/chinese-companies-struggling-gain-foothold-global-market-1392949?ft=rc480
Chinese Telecom ZTE Latches Onto Firefox for Image of Privacy – The Epoch Times
http://www.theepochtimes.com/n3/255482-chinese-telecom-latches-onto-firefox-for-image-of-privacy/
People’s Republic of china to Lead – Growth in Wind Energy to Boost Global Operations and Maintenance (O&M) Market
http://www.investorideas.com/news/2013/renewable-energy/08201.asp
ChinaSoft International and Alibaba Cloud to Build Pilot Smart Government Services Cloud for Zhejiang
http://www.istockanalyst.com/business/news/6541645/chinasoft-international-and-alibaba-cloud-to-build-pilot-smart-government-services-cloud-for-zhejiang

Apple loses ground in People’s Republic of China smartphone market
http://www.eetasia.com/ART_8800688899_499488_NT_71fe3e9a.HTM
Apple Takes A Small Step Toward Boosting Its Presence In the People’s Republic of China
http://www.businessinsider.com/apple-takes-a-small-step-toward-boosting-its-presence-in-china-2013-8?
Apple’s iPad suffers drastic decline in share of Chinese tablet market while cheap competitors grow
http://appleinsider.com/articles/13/08/20/apples-ipad-suffers-drastic-decline-in-share-of-chinese-tablet-market-while-cheap-models-grow

Japan’s nuclear crisis deepens, China expresses ‘shock’
http://www.reuters.com/article/2013/08/21/us-japan-fukushima-severity-idUSBRE97K02B20130821
Malaysia’s Celcom signs five year digital services deal with People’s Republic of China’s Huawei
http://www.telegeography.com/products/commsupdate/articles/2013/08/21/celcom-signs-five-year-digital-services-deal-with-huawei/?
People’s Republic of China’s Huawei Helps Polish Government Build
…the World’s First 3.6GHz~3.8GHz eLTE Broadband Access Network
Poland is the Operation Middle Kingdom target for colonization in Eastern Europe…

http://www.istockanalyst.com/business/news/6540174/huawei-helps-polish-government-build-the-world-s-first-3-6ghz-3-8ghz-elte-broadband-access-network

Soldier of Fortune –
Memories of army life from both sides of the Chinese Civil War to a reeducation camp after the Korean War
http://english.caixin.com/2013-08-09/100567733.html

Australia’s glittering investments from People’s Republic of China are not all gold
http://www.usatoday.com/story/news/world/2013/08/20/australia-elections-china-financial-boom/2574249/?
New Zealand spy bills key up controversy
Laws expected to pass this week anger surveillance-wary New Zealanders and irk China, a major trading partner.
http://www.aljazeera.com/indepth/features/2013/08/2013812113057818160.html

Russian Military Creating Cyber Warfare Branch | Defense | RIA Novosti
http://en.ria.ru/military_news/20130820/182856856/Russian-Military-Creating-Cyber-Warfare-Branch.html
Russia Preparing New Cyber Warfare Branch, Military Official Says
http://news.softpedia.com/news/Russia-Preparing-New-Cyber-Warfare-Branch-Military-Official-Says-376807.shtml
Russia’s FSB mulls ban on ‘Tor’ online anonymity network — RT Russian
http://rt.com/politics/russia-tor-anonymizer-ban-571/

Poison Ivy: Assessing Damage and Extracting Intelligence
http://www.fireeye.com/blog/technical/targeted-attack/2013/08/pivy-assessing-damage-and-extracting-intel.html
You Had Me at NIST…謝謝您.. Persistent Threat @AdvancedThreat

You Had Me at NIST

From Nuclear Deterrence To Cyber Deterrence – OpEd
http://www.eurasiareview.com/21082013-from-nuclear-deterrence-to-cyber-deterrence/?

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: The Cost of Anonymizing a Cybercriminal’s Internet Activities – Part Three
http://ddanchev.blogspot.nl/2013/08/the-cost-of-anonymizing-cybercriminals.html
McAfee: ‘$1 trillion global cyber crime cost was over the top’
http://www.computing.co.uk/ctg/news/2289953/mcafee-usd1-trillion-global-cyber-crime-cost-was-over-the-top

Millions stolen from US banks after ‘wire payment switch’ targeted
http://www.scmagazine.com.au/News/354155,millions-stolen-from-us-banks-after-wire-payment-switch-targeted.aspx

In ‘cyber’ Maryland, a bid for business growth
http://articles.baltimoresun.com/2013-08-16/business/bs-bz-federal-cybersecurity-industry-20130816_1_business-growth-business-group-national-cybersecurity-center

The 2013 Cybersecurity Executive Order: Potential Impacts On The Private Sector – Strategy – United States
http://www.mondaq.com/unitedstates/x/258936/technology/The+2013+Cybersecurity+Executive+Order+Potential+Impacts+on+the+Private+Sector
Resilience of the Internet Interconnection Ecosystem — ENISA
http://www.enisa.europa.eu/activities/Resilience-and-CIIP/critical-infrastructure-and-services/inter-x/interx/report

Enjoy!

Semper Fi,

謝謝
紅龍

Wednesday Cyber SA 21AUG2013 – TREMENDOUS Amount of News!

Good Wednesday Morning Fans of Cyber Mania News…

Lots of cyber related news out of the People’s Republic of China today – ENISA & NIST sound off, Islamic Republic of Iran has some noteworthy items and of course the token Russia Cyber story for the cyber fan from Leeds, UK…enjoy!

People’s Republic of China denies role in cyber-attacks on United States; Claim themselves victim of hacking – The Economic Times
http://economictimes.indiatimes.com/tech/internet/china-denies-role-in-cyber-attacks-on-united-states-claim-themselves-victim-of-hacking/articleshow/21931101.cms
Beijing’s Rising Hacker Stars…How Does Mother China React?
http://fmso.leavenworth.army.mil/documents/Beijings-rising-hackers.pdf

People’s Republic of China monitors online chatter as users threaten state hold on the internet
http://www.theguardian.com/world/2013/aug/20/china-internet-listening-citizens-views
Chinese lawyers targeted as Xi Jinping tightens control – Telegraph
http://www.telegraph.co.uk/news/worldnews/asia/china/10254632/Chinese-lawyers-targeted-as-Xi-Jinping-tightens-control.html
Xue Manzi: How Chinese social media can be a force for good
http://www.danwei.com/xue-manzi-how-chinese-social-media-can-be-a-force-for-good/

Chinese Man Who Offered To Install “Hacker” software is arrested 男子给网吧提供“黑客”软件 获刑三年罚金十万-资讯-黑基安全网
http://www.hackbase.com/news/2013-08-20/116340.html

Conflict Breeds Cyber Attacks | Analysis Intelligence
http://analysisintelligence.com/cyber-defense/conflict-breeds-cyber-attacks/?
Mapped: The 7 Governments the U.S. Has Overthrown – By J. Dana Stuster
http://www.foreignpolicy.com/articles/2013/08/19/map_7_confirmed_cia_backed_coups?page=full

PLA (中國人民解放軍)advancing laser weapons program|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000102&cid=1101
中國人民解放軍 (PLA) Lanzhou MAC organizes confrontation training – People’s Daily Online
http://english.people.com.cn/90786/8370233.html
More college students applying for entry into the military, Zhao Shengnan reports in Beijing.
http://english.peopledaily.com.cn/90786/8368846.html
Hagel, Chinese Defense Minister Commit To Cooperation But Tensions Clear
http://breakingdefense.com/2013/08/19/hagel-pla-leader-commit-to-cooperation-but-tensions-clear/?
People’s Republic of China, U.S. agree on new steps to enhance military cooperation – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370788.html
US, People’s Republic of China (中華人民共和國) agree on new ways to enhance military cooperation|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000123&cid=1101
Advance toward new type of China-U.S. mil-to-mil relations – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370960.html
Chinese professor warns of “democracy trap” – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/20/c_132646879.htm

People’s Republic of China, U.S. Ink Deal to Counter Illicit Atomic Trafficking | GSN | NTI
http://www.nti.org/gsn/article/us-inks-multiple-deals-counter-illicit-atomic-trafficking/
Chinese shipbuilder reveals breakthrough technology – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/20/c_132646180.htm
CNOOC Gas undertakes China’s first floating LNG project – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/15/c_132633910.htm
People’s Republic of China’s Huawei And Security: The Bigger Picture
http://www.crn.com/news/networking/240160101/huawei-and-security-the-bigger-picture.htm?
People’s Republic of China’s Huawei Exec: We Need To Be A Better Communicator
http://www.crn.com/news/networking/240160097/huawei-exec-we-need-to-be-a-better-communicator.htm?

3 reasons Baidu is aiming high in Indonesia
http://www.techinasia.com/3-reasons-why-baidu-expanding-indonesia/?

Business Insider’s Reporting on the (中華人民共和國) People’s Republic of China
http://blog.hiddenharmonies.org/2013/08/business-insiders-reporting-on-china/
JPMorgan Chase Hit With China Bribery Probe
http://www.thenewamerican.com/economy/sectors/item/16360-jpmorgan-chase-hit-with-china-bribery-probe

Apple iPad market share plummets in China as domestic vendors grow
http://www.computerworld.com/s/article/9241731/Apple_iPad_market_share_plummets_in_China_as_domestic_vendors_grow?
Apple said to be close to 4G deal with China Mobile|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1204&MainCatID=12&id=20130816000097
Commentary: Well-behaved int’l firms welcomed in the People’s Republic of China – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/19/c_132643309.htm
Xinhua Insight: Police reveal details of GSK China’s alleged violations – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-07/26/c_132574386.htm

Why is China so Afraid of a Small Protest?
http://thediplomat.com/china-power/why-is-china-so-afraid-of-a-small-protest/?
With Bo Xilai on Trial, China Adopts Chongqing Model
http://thediplomat.com/china-power/with-bo-xilai-on-trial-china-adopts-chongqing-model/?

Russia Setting up Cyber Warfare Unit Under Military
http://www.ibtimes.co.uk/articles/500220/20130820/russia-cyber-war-hack-moscow-military-snowden.htm#!

Iran Trains Students to Target Drones |
http://defensetech.org/2013/08/19/iran-trains-students-to-target-drones/
Three Major Al-Qaida Forums Disrupted by DDOS Attack
http://news.softpedia.com/news/Three-Major-Al-Qaida-Forums-Disrupted-by-DDOS-Attack-376443.shtml

Digital Dao: The Cyber Kill Chain: Trademarked by Lockheed Martin?
Lockheed Martin is just angry they did not receive a $ SIX BEEELIION Cyber Contract from Uncle Sam…C’mon guys your background check would have caught the traitor Booz Allen Hamilton gave the world 🙂

http://jeffreycarr.blogspot.com/2013/08/the-cyber-kill-chain-trademarked-by.html

Infosecurity… Major Media Organizations Still Vulnerable Despite High Profile Hacks |
http://www.infosecurity-us.com/view/34043/infosecurity-exclusive-major-media-organizations-still-vulnerable-despite-high-profile-hacks/
Countering Advanced Persistent Threats with Comprehensive Network Security
http://www.infosecisland.com/blogview/23351-Countering-Advanced-Persistent-Threats-with-Comprehensive-Network-Security-.html
Total Defense | Blog | The cyber-attacks transformation
http://www.totaldefense.com/blogs/2013/08/19/the-cyber-attacks-transformation.aspx?
Angry Kitten…Electronic Warfare Development Targets Fully Adaptive Threat Response Technology
http://www.gatech.edu/newsroom/release.html?nid=228881

Thinking Differently: Unlocking the Human Domain in Support of the 21st Century Intelligence Mission | Small Wars Journal
http://smallwarsjournal.com/jrnl/art/thinking-differently-unlocking-the-human-domain-in-support-of-the-21st-century-intelligence

NIST Updates Patching and Malware Avoidance Guides
http://www.infosecurity-us.com/view/34070/nist-updates-patching-and-malware-avoidance-guides/
Thousands affected in US Energy agency breach
http://www.scmagazine.com.au/News/354011,thousands-affected-in-us-energy-agency-breach.aspx?utm_source=feedly
ENISA Report Outlines Incidents Causing Major Outages at Telcos | SecurityWeek.Com
http://www.securityweek.com/enisa-report-outlines-incidents-causing-major-outages-telcos?

Enjoy!

Semper Fi,

謝謝
紅龍

Cyber Threat SA for 20AUG2013

Good Tuesday morning Folks –

Much cyber news and situational awareness(SA) to take note of today…of mention is the extensive plan by the People’s Republic of China to increase bandwidth to consumers throughout the Middle Kingdom…Apple & Samsung get no love in China…Corruption in China’s State Owned Enterprise (SOE) China Mobile…

We also have a few stories on the Islamic Republic of Iran’s cyber plans and methodologies…ph yes, don’t forget about North Korean and Pakistan too.., for a complete discussion on the nation states – you really should view and apply to join their respective LinkedIn discussion Groups….
http://www.linkedin.com/groups/Iranian-Cyber-Warfare-4217323?trk=myg_ugrp_ovr and http://www.linkedin.com/groups/North-Korean-Cyber-Warfare-4223285?trk=myg_ugrp_ovr….

Enjoy tomorrow’s cyber news today…

Cyber – the good, the bad and the bug-free
http://www.nato.int/docu/review/2013/Cyber/EN/

中國人民共和國

China’s Report on US Military Cyber Troop Strength
http://goo.gl/0ouvjn
Broadband blueprint to facilitate China’s economic restructuring – Xinhua | English.news.cn |
http://news.xinhuanet.com/english/indepth/2013-08/19/c_132643900.htm
BEIJING: People’s Republic of China in big push against opinion-leading blogs – Technology
http://www.miamiherald.com/2013/08/19/3571859/china-in-big-push-against-opinion.html
Chang meets Hagel for Sino-US Pentagon talks
http://www.scmp.com/news/china/article/1297773/chang-meets-hagel-sino-us-pentagon-talks
Pacifying the Maoists
http://www.economist.com/blogs/analects/2013/08/bo-xilai-s-trial
Chinese Politiks…Blasts from the past
http://www.economist.com/blogs/analects/2013/08/chinese-politics
Degrees of Uncertainty in the People’s Republic of China’s Future –
http://english.caixin.com/2013-08-17/100571121.html

People’s Republic of China’s Huawei offends Pakistan with independence day message
http://www.techinasia.com/huawei-steps-political-minefield-independence-day-message-pakistan/?\
Yahoo’s email service is now closed in People’s Republic of China
http://www.techinasia.com/yahoo-china-email-service-now-shut/?
This new startup connects developers with China’s multitude of Android app stores
Significant cyber avenues of approach…

http://www.techinasia.com/appinchina-distributes-apps-to-top-china-android-app-stores/?
Philippines, Taiwan Conflict Results in Cyber Firefight | Analysis Intelligence
http://analysisintelligence.com/cyber-defense/philippines-taiwan-cyberwar/
China Steps Up Anti-Monopoly Probe in Oil and Telecom中国掀反垄断风暴 央企无豁免权_财经频道_一财网
http://www.yicai.com/news/2013/08/2942628.html
Another China Mobile Exec Investigated on Suspicion of Corruption –
http://english.caixin.com/2013-08-19/100571515.html
People’s Republic of China’s Alibaba Buys Stake in U.S. Online Vendor 阿里巴巴投资美国电商 “国际化”增加估值_财经频道_一财网
http://www.yicai.com/news/2013/08/2948460.html
People’s Republic of China’s Lenovo Continues Inexorable Rise Towards World Domination
http://www.ibtimes.co.uk/articles/499290/20130815/lenovo-continues-inexorable-rise-towards-world-domination.htm
Chinese consumers losing interest in Apple and Nokia and turn to Samsung and domestic brands
http://www.phonearena.com/news/Chinese-consumers-losing-interest-in-Apple-and-Nokia-and-turn-to-Samsung-and-domestic-brands_id46531?
Baidu Deal May Reduce App Piracy in the People’s Republic of China
http://www.nytimes.com/2013/08/19/business/global/baidu-deal-may-reduce-app-piracy-in-china.html?
US probes JP Morgan China staff
http://www.bbc.co.uk/news/business-23750199

Liaoning will serve as the commanding ship of PLA Navy:…
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130819000007&cid=1101

Not Really Made in China (or the United States)
http://economix.blogs.nytimes.com/2013/08/19/not-really-made-in-china-or-the-united-states/?

Cyber Security in South Korea: The Threat Within
http://thediplomat.com/2013/08/19/cyber-security-in-south-korea-the-threat-within/?all=true

Blogs begin to play a prominent political role | Russia
http://rbth.ru/politics/2013/08/19/blogs_begin_to_play_a_prominent_political_role_29015.html

MTNL’s Mumbai website hacked by Pakistani hacker:
http://www.ibtimes.co.in/articles/499648/20130817/mtnl-website-cyber-attack-pakistan-hacker-india.htm

The Convenient Timing of Iran-Linked Hacker Operations | Analysis…
http://analysisintelligence.com/cyber-defense/iran-linked-cyber-teams/?
Iran’s Top Diplomat to Take Key Nuclear Complex Post |
http://www.nti.org/gsn/article/irans-top-diplomat-takes-key-nuclear-post/
CIA Confirms Role in 1953 Iran Coup
Documents Provide New Details on Mosaddeq Overthrow and Its Aftermath
http://www2.gwu.edu/~nsarchiv/NSAEBB/NSAEBB435/

Al-Qaida Members Seen Using Chat Rooms to Plan Attacks |
http://www.nti.org/gsn/article/al-qaida-members-seen-using-chat-rooms-plan-attacks/

U.S. Dept. of Energy reports second security breach
http://www.csoonline.com/article/738230/u.s.-dept.-of-energy-reports-second-security-breach?
U.S. power plants, utilities face growing cyber vulnerability
http://www.homelandsecuritynewswire.com/dr20130819-u-s-power-plants-utilities-face-growing-cyber-vulnerability
Cyber security economics like a Ponzi scheme: Gartner
http://www.techworld.com.au/article/524067/cyber_security_economics_like_ponzi_scheme_gartner/?
ZeuS-P2P internals – understanding the mechanics: a technical report
http://www.cert.pl/news/7386/langswitch_lang/en
A Closer Look: Perkele Android Malware Kit — Krebs on Security
http://krebsonsecurity.com/2013/08/a-closer-look-perkele-android-malware-kit/
DIY automatic cybercrime-friendly ‘redirectors generating’ service spotted in the wild
http://blog.webroot.com/2013/08/19/diy-automatic-cybercrime-friendly-redirectors-generating-service-spotted-in-the-wild/

Enjoy!

Semper Fi,

謝謝
紅龍

Cyber Situational Awareness (SA) for 6AUG2013

Good day Folks;

Below are series of very interesting and relevant cyber situational articles for reading and study.

Please pay particular attention to an uptick in the news regarding two of the People’s Republic of China’s significant State Owned Enterprises (SOE) Huawei and Lenovo…

The Diversified Employment of China’s Armed Forces
http://goo.gl/kN10J8
People’s Republic of China’s C919 commercial jet to have maiden flight in 2015|
Hey Airbus & Boeing, these are not the airframe copies you are looking for…

http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130806000083&cid=1102
Wiki reboot: Chinese Wikipedia makes comeback after early censorship
A censorship blackout lost Chinese Wikipedia many of its users. Now a new generation of mainland volunteers is resuscitating the site

http://www.scmp.com/lifestyle/arts-culture/article/1293878/wiki-reboot-chinese-wikipedia-makes-comeback-after-early
Is the People’s Republic of China’s vast Web monitoring actually helping to grow democracy?
http://www.washingtonpost.com/blogs/worldviews/wp/2013/08/05/is-chinas-vast-web-monitoring-actually-helping-to-grow-democracy/
People’s Republic of China’s Ministry of Truth: Worse Than the Soviet Union
WAR IS PEACE • FREEDOM IS SLAVERY • IGNORANCE IS STRENGTH

Ministry of Truth: Worse Than the Soviet Union


People’s Daily chief moves to State Council Information Office
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1601&MainCatID=16&id=20130512000014
Lu Wei, People’s Republic of China’s new internet chief
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1601&MainCatID=16&id=20130513000005
‘Father of Great Firewall’ steps down from Beijing university|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130719000080&cid=1601
People’s Republic of China: Internet playing a major role in US military strategy|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1501&MainCatID=15&id=20130620000124
French Gvmt Report Warns of Money Laundering by Chinese, Russians in Wine Deals-Caijing
http://english.caijing.com.cn/2013-08-06/113135788.html
AirSea Battle, A2/AD and the Offense-Defense Balance
http://thediplomat.com/flashpoints-blog/2013/08/06/airsea-battle-a2ad-and-the-offense-defense-balance/?all=true
Decoding Xi Jinping’s ‘China Dream’
http://www.csmonitor.com/World/Asia-Pacific/2013/0726/Decoding-Xi-Jinping-s-China-Dream
People’s Republic of China’s Huawei $44 Million Connection Between Pakistan & China; Will it Be Censored?
http://www.techinasia.com/huawei-lay-44-million-fiberoptic-cableconnecting-pakistan-china/?
Despite spy raps, Filipino DepEd taking China computers from People’s Republic of China’s Huawei

Despite spy raps, DepEd taking China computers


India…Foreign vendors (HUAWEI) won’t share design details of telecom equipment
http://www.thehindu.com/news/national/foreign-vendors-wont-share-design-details-of-telecom-equipment/article4993082.ece
US a high-risk place for data theft, second only to People’s Republic of China, say German companies
http://www.wired.co.uk/news/archive/2013-08/06/germany-fears-us-surveillance

Where Hackers and Spooks Mingle
Seeking to Boost Their Ranks, Government-Security Experts Try to Woo Tech-Minded Rebels at Two Vegas Conferences

http://online.wsj.com/article/SB10001424127887323420604578648401799914658.html
Companies ‘not aware’ of being hacked
http://www.news24.com/Technology/News/Companies-not-aware-of-being-hacked-20130802

New cyber range promotes cyber warfare…in Hawaii, closer to the People’s Republic of China…
http://www.kaleo.org/news/new-cyber-range-promotes-cyber-security/article_fea371f2-fd7b-11e2-8312-0019bb30f31a.html

The Future of US Cyber Command
http://rpdefense.over-blog.com/the-future-of-us-cyber-command

NSA Revelations Hurt Collaboration With Hackers Who Now Feel Betrayed
http://www.businessinsider.com/nsa-revelations-hurt-collaboration-with-hackers-who-now-feel-betrayed-2013-8?
XKeyscore a ‘God-terminal’ into Internet | Germany | DW.DE | 03.08.2013
http://www.dw.de/xkeyscore-a-god-terminal-into-internet/a-16994780

Feds Are Suspects in New Malware That Attacks Tor Anonymity | Threat Level |
http://www.wired.com/threatlevel/2013/08/freedom-hosting/

Triangle universities strengthen cybersecurity as hackers grow bolder | Technology |
http://www.newsobserver.com/2013/08/04/3081674/triangle-universities-strengthen.html
Hacker’s Mysterious Death Prompts Concerns About Pacemakers
http://www.wtma.com/common/more.php?m=58&ts=1375709704&article=A5AE5E8FFDCF11E286DEFEFDADE6840A&mode=2
Malicious Bank of America (BofA) ‘Statement of Expenses’ themed emails lead to client-side exploits and malware
http://blog.webroot.com/2013/08/06/malicious-bank-of-america-bofa-statement-of-expenses-themed-emails-lead-to-client-side-exploits-and-malware/
Anatomy of a cryptographic oracle – understanding (and mitigating) the BREACH attack
http://nakedsecurity.sophos.com/2013/08/06/anatomy-of-a-cryptographic-oracle-understanding-and-mitigating-the-breach-attack/?
Freedom Hosting arrest and takedown linked to Tor privacy compromise
http://nakedsecurity.sophos.com/2013/08/05/freedom-hosting-arrest-and-takedown-linked-to-tor-privacy-compromise/?

Inside Japan’s invisible army
http://tech.fortune.cnn.com/2013/08/05/inside-japans-invisible-army/

The Dangers of a Sensationalist Portrayal of Veterans

Enjoy!

Semper Fi;

謝謝
紅龍

New threats: Unknown Cyber Threats & APT according to InfoSec Researchers in the Peoples’s Republic of China 新型威胁:未知威胁与APT 中華人民共和國

 New threats: Unknown Cyber Threats & APT according to InfoSec Researchers in the Peoples’s Republic of China 新型威胁:未知威胁与APT 中華人民共和國

 http://www.vulnhunt.com/nextgen/apt/

Good day folks;

Here’s an article about how information security researchers within the People’s Republic of China, 中華人民共和國 define ‘Unknown Cyber Threats & the innocuous Western term “APT”.

Enjoy!

Semper Fi,

謝謝您

紅龍

 

安全威胁近些年来发生巨大的变化,黑客攻击从传统带有恶作剧与技术炫耀性质逐步转变为利益化、商业化。为了突破传统的安全防御方法,一种名为APT的攻击迅速发展起来。APT是advanced persistent threat的缩写,译为高级持续性威胁。它是指近年来,专业且有组织的黑客(甚至可能有国家背景支持),针对重要目标和系统发起的一种攻击手段。

APT的主要特征:

 持续性: 攻击者为了重要的目标长时间持续攻击直到攻破为止。攻击成功用上一年到三年,攻击成功后持续潜伏五年到十年的案例都有。这种持续性攻击下,让攻击完全处于动态发展之中,而当前我们的防护体系都是强调静态对抗能力很少有防护者有动态对抗能力,因此防护者或许能挡住一时的攻击,但随时间的发展,系统不断有新的漏洞被发现,防御体系也会存在一定的空窗期:比如设备升级、应用需要的兼容性测试环境等等,最终导致系统的失守。

终端性: 攻击者虽然针对的是重要的资产目标,但是入手点却是终端为主。再重要的目标,也是由终端的人来访问的。而人在一个大型组织里,是难以保证所有人的安全能力与安全意识都处于一个很高水准之上的。而做好每个人的终端防护比服务器端防护要困难很多。通过SQL注射攻击了WEB服务器,一般也是希望利用他攻击使用这些WEB服务器的终端用户作为跳板渗透进内网。

广谱信息收集性: 攻击者会花上很长的时间和资源,依靠互联网搜集,主动扫描,甚至真实物理访问方式,收集被攻击目标的信息,主要包括:组织架构,人际关系,常用软件,常用防御策略与产品,内部网络部署等信息。

针对性: 攻击者会针对收集到的常用软件,常用防御策略与产品,内部网络部署等信息,搭建专门的环境,用于寻找有针对性安全漏洞,测试特定的木马是否能饶过检测。

未知性: 攻击者依据找到的针对性安全漏洞,特别是0DAY,根据应用本身构造专门的触发攻击的代码。并编写符合自己攻击目标,但能饶过现有防护者检测体系的特种木马。这些0DAY漏洞和特种木马,都是防护者或防护体系所不知道的。

渗透性社工: 攻击者为了让被攻击者目标更容易信任,往往会先从被攻击者目标容易信任的对象着手,比如攻击一个被攻击者目标的电脑小白好友或家人,或者被攻击者目标使用的内部论坛,通过他们的身份再对组织内的被攻击者目标发起0DAY攻击,成功率会高很多。再利用组织内的已被攻击成功的身份再去渗透攻击他的上级,逐步拿到对核心资产有访问权限的目标。

隐蔽合法性: 攻击者访问到重要资产后,往往通过控制的客户端,分布使用合法加密的数据通道,将信息窃取出来,以饶过我们的审计和异常检测的防护。

长期潜伏与控制: 攻击者长期控制重要目标获取的利益更大。一般都会长期潜伏下来,控制和窃取重要目标。当然也不排除在关键时候破坏型爆发。

从以上特性来看,可以获得如下结论

APT攻击的成本很高(专业的团队,长期的信息收集,挖掘0DAY和利用,特马,环境测试,渗透性社工与潜伏,多种检测对抗),因此只适合专业的网络犯罪团伙或有组织和国家支持的特种攻击团队

因此APT攻击是针对有重要价值资产或重要战略意义的目标,一般军工、能源、金融、军事、政府、重要高科技企业等最容易遭受APT攻击。

虽然普通网民不会遭受APT攻击的眷顾,但是如果你是APT攻击目标组织的一名普通员工甚至只是与APT攻击目标组织的一名普通员工是好友或亲戚关系,你依然可能成为APT攻击的中间跳板,当然作为普通个人,APT攻击本身不会窃走你个人什么东西(你本身就是重要人物如组织中的高级管理人员或个人主机里保存有重要资料的除外)。

不要以为你重要的信息资产只在内网甚至物理隔离就能不遭受APT攻击,因为即使物理阻止了网络层流,也阻止不了逻辑上的信息流。RSA被APT攻击利用FLASH 0DAY偷走了在内网严密保护的SECURID令牌种子,震网利用7个0DAY和摆渡成功渗透进了伊朗核设施级的物理隔离网络。

 New threats: unknown threats and APT

Security threats change dramatically in recent years, with a mischievous hacker attacks from the traditional sports and technology gradually changed the nature of the interests and commercialization. In order to break through the traditional method of security and defense, called APT attacks developed rapidly. APT is the advanced persistent threat acronym, translated advanced persistent threats. It refers to recent years, professional and organized hackers (and may even have national context support), an important goal and system for initiating a means of attack.

APT main features:

 

Sustainability: an important target for attackers continued to attack until a long break so far. A successful attack to spend one to three years, a successful attack lurking five to ten years after the last case has. This persistent attack, the attacker completely dynamically evolving, and the current emphasis of our protection system are rarely static protective ability against those who have the dynamic ability to fight, so those who may be able to block the protective moment of attack, but with the time of development, the system constantly new vulnerabilities are discovered, there will still be some defense system window period: for example, equipment upgrades, application compatibility testing environment and so require, eventually leading to the fall of the system.

Terminal resistance: Although the attacker is an important asset for a goal, but starting point is the main terminal. Further important objective, but also by people to access the terminal. And people in a large organization, it is difficult to ensure the safety of all ability and safety awareness are at a very high level above. And do everyone’s terminal protective than the server-side protection to be much more difficult. SQL injection attacks via the WEB server, are generally hoping to use him against the use of these WEB server as a springboard to penetrate into the end-user within the network.

Broad spectrum of information collection: the attacker will take a long time and resources, relying on the Internet to collect, active scanning, and even real physical access, to collect information about the target to be attacked, including: organizational structure, interpersonal relationships, commonly used software, common defense strategy and products, internal network deployment and other information.

Targeted: The attacker will be collected from the commonly used software for commonly used defense strategy and products, internal network deployment and other information, to build a dedicated environment for finding security vulnerabilities targeted to test whether a particular Trojan bypass detection.

Unknown sex: the attacker targeted basis to find security vulnerabilities, especially 0DAY, depending on the application itself is constructed of specialized trigger an attack code. And prepared in line with their targets, but it can bypass the existing system of special protection by detecting Trojans. These 0DAY loopholes and special Trojans, are protective or protective system does not know.

Permeability social workers: the attacker to allow an attacker to target more likely to trust, they tend to start with the easy confidence by attackers target object to proceed, such as attacking a target computer to be attacked by white friends or family, or the attacker targets Using the internal forum, through their identity and then the organization launched by attackers target 0DAY attack, the success rate would be much higher. Re-use within the organization’s identity has been successful attack penetration attacks his superiors to go step by step to get to the core assets have access goals.

Covert Legitimacy: the attacker access to critical assets, often through the control of the client, using the legitimate distribution of encrypted data channel, the information to steal out to bypass our audit and anomaly detection protection.

Long-term potential and control: an attacker to obtain long-term control of the interests of more important goals. Usually long-simmering down, control and steal important goals. Of course, does not rule out sabotage outbreak at a critical time.

From the point of view the above characteristics, the following conclusions can be obtained

APT attack is costly (professional team, long-term information gathering, mining and utilization 0DAY, Tema, environmental testing, permeability and latent social workers, a variety of detection confrontation) is intended only for professional or organized cybercrime gangs and national support team special attack

Therefore APT attacks are of great value for the asset or strategically important objectives, general military, energy, finance, military, government, and other key high-tech enterprise most vulnerable to APT attacks.

While ordinary users will not suffer APT attacks attention, but if you are APT attacks target tissue or even just an ordinary employee organization with APT attack targets a general staff are friends or relatives, you are still likely to be in the middle of APT attack springboard, of course, as an ordinary person, APT attack itself will not steal your personal anything (such as your own is an important figure in the senior management of the organization or individual host inside except the preservation of important data).

Do not think you important information assets are physically isolated from the internal network can not even suffer APT attacks because even if the physical network layer prevents flow logically can stop the flow of information. RSA APT attacks use FLASH 0DAY was stolen including network closely guarded SECURID token seed, Stuxnet and ferry use 7 0DAY successful penetration into the Iranian nuclear facility-level physical isolation network.

http://www.vulnhunt.com/nextgen/apt/

Cyber Situational Awareness (SA)…People’s Republic of Hacking, Cybercrime and so much more….

Good day Folks;

Today’s post about Cyber Situational Awareness (SA)…includes the People’s Republic of Hacking, Cybercrime and so much more….please particular attention to China’s Number One State Owned Enterprise (SOE), Huawei…they cannot seem to get out of their own way when comes to cyber espionage and claims of compromise…
Another story of note is the post about a Chinese Professor teaching Offensive Security…discovered this interesting gem from a French website in Ghana…go figure…
Finally – way at the bottom is a post about BLACKHAT 2013…if you dare read that far…

Enjoy!

People’s Republic of China’s Huawei Strikes Back at Ex-CIA Head
http://blogs.wsj.com/chinarealtime/2013/08/01/huawei-strikes-back-at-ex-cia-head/?mod=WSJBlog
In-Depth: People’s Republic of China’s Huawei Strikes Back at Ex-CIA Head
http://blogs.wsj.com/digits/2013/08/01/huawei-strikes-back-at-ex-cia-head-2/
People’s Republic of Chain’s Huawei hunting Australian ICT companies
http://www.itwire.com/it-policy-news/govenrment-tech-policy/60958-huawei-hunting-australian-ict-companies
The Real U.S.-People’s Republic of Chinese Cyber Problem | The National Interest
http://nationalinterest.org/commentary/the-real-us-chinese-cyber-problem-8796

Offensive Cyber Security taught by Chinese Professor….
Taught by a Chinese professor – learn Offensive Cyber Security from the Master….Prof. Xiuwen Liu (homepage: http://www.cs.fsu.edu/~liux/)

http://www.cs.fsu.edu/~redwood/OffensiveSecurity/
Why Chinese Companies Should Take the Rest of the World Seriously
http://www.techinasia.com/sina-weibos-failure-chinese-companies-rest-world/?
People’s Republic of China – Hong Kong Technical Hub Number 1
http://www.techinasia.com/hong-kong-chinas-number-tech-hub-infographic/

Mail from the (Velvet) Cybercrime Underground — Krebs on Security
http://krebsonsecurity.com/2013/07/mail-from-the-velvet-cybercrime-underground/
A 30 Year-Old Hacker Just Cursed At The Most Powerful Man In Global Surveillance
http://www.businessinsider.com/keith-alexander-gets-heckled-at-black-hat-2013-7
5 scariest cybersecurity threats @ BlackHat DEFCON…
http://www.cbsnews.com/8301-205_162-57596263/5-scariest-cybersecurity-threats-at-black-hat-defcon/
NSA XKeyscore Tool ‘Could Crack VPNs And Expose The Anonymous’
http://www.techweekeurope.co.uk/news/nsa-xkeyscore-vpn-cracking-123499?
NSA chief: Snooping is crucial to fighting terrorism
http://www.cnn.com/2013/07/31/tech/web/nsa-alexander-black-hat/index.html
Ex-USAF Chief Scientist Likens U.S. Cybersecurity Challenge to Whac-A-Mole: Scientific American |
http://www.scientificamerican.com/article.cfm?id=usaf-cybersecurity-drones-qa-maybury

Britain ‘Not Winning War on Cyber Crime’ MPs Warn
http://www.ibtimes.co.uk/articles/495541/20130730/britain-winning-cyber-crime-war-home-affairs.htm
UK report: Banks let e-criminals pinch gobs of money underneath the law’s nose |
http://nakedsecurity.sophos.com/2013/07/30/uk-report-banks-let-e-criminals-pinch-gobs-of-money-underneath-the-laws-nose/?

Ghana Government develops cyber security policy |
http://www.modernghana.com/news/478715/1/government-develops-cyber-security-policy.html

Syrian Electronic Army Hacks Major Communications Websites
http://www.fireeye.com/blog/technical/cyber-exploits/2013/07/syrian-electronic-army-hacks-major-communications-websites.html?
Cyber Jihadists, State Department Now In Full-Blown Twitter War
http://thecable.foreignpolicy.com/posts/2013/07/29/jihadis_ape_state_department#.UfgW1Rss8CI.twitter

2013 BLACKHAT Presentations….
https://www.blackhat.com/us-13/archives.html#Healey

Semper Fi;

謝謝
紅龍