Old School Google Hacking Still Works…

Did some old school Google hacking last night.

“Filetype:xls & terms” still finds too much bad stuff.

Check for it lately for your organization?

Try other file types too. (doc/ppt/pdf/rtf, etc.)

Information leakage happens today, as it always has. Keeping an eye on it should be a part of your security program.

A Reminder About the IoT Future…

This article has been making the rounds about a researcher who has developed a tool set that can turn a Mattel toy into a “magic” garage door opener for most garage doors. The uses of opening someone else’s garage doors seem pretty obvious, so we will leave that to the reader….

But, this is an excellent moment to pause and discuss what happens when so many things in and around our lives become Internet connected, remotely managed or “smart”. Today, it seems everything from door locks, to watches and from refrigerators to toilets are getting embedded digital intelligence. That’s a lot of hackable stuff in your life. 

I have been doing some research on beacon technology recently, and how they are being used to track consumer behaviors. I have been working with some clients that use TigerTrax™ to track consumer data and some of that work is simply amazing. As vendor knowledge seeps into your home and everyday life, even more impacts, privacy issues (and lets face it…) cool features will emerge. The problem with all of these things is that they are a double edged sword. Attackers can use them too. They can be manipulated, mis-used, invasive, infected and some can be outright dangerous (consider refrigerator malware….). 

Once again, technology is becoming ubiquitous. It offers both benefits and some things to consider. My point here is just to consider both sides of that coin the next time you face a buying decision. The world, and you, could benefit from more privacy consideration at the point of purchase… 🙂 

Hacktivism on the Rise

With all of the attention to the Ferguson case and the new issues around the public response to the New York Police Department Grand Jury verdict, your organization should expect to be extra vigilant if you have any connection to these events. This could include supply chain/vendor relationships, locations or even staff members speaking out publicly about the issues. 

Pay careful attention to remote access logs, egress traffic and malware detections during the ongoing social focus on these issues and press coverage.

As always, if MSI can be of assistance to you in any security incident, please don’t hesitate to let us know! 

Federal Hacking Laws – Some Pointers

We wanted to close out this series by pulling together some information for clients on the federal laws (US) surrounding computer intrusion and hacking. Here are some pointers for your consideration:

Internet crime is among the newest and most constantly evolving areas of American law. Although the Internet itself is more than three decades old, greater public usage began in the late 1980s with widespread adoption only following in the 1990s. During that decade the Net was transformed from its modest military and academic roots into a global economic tool, used daily by over 100 million Americans and generating upwards of $100 billion in domestic revenue annually. But as many aspects of business, social, political, and cultural life moved online, so did crime, creating new challenges for lawmakers and law enforcement. 

Crime on the Net takes both old and new forms. The medium has facilitated such traditional offenses as fraud and child pornography. But it has also given rise to unique technological crimes, such as electronic intrusion in the form of hacking and computer viruses. High-speed Internet accounts helped fuel a proliferation of copyright infringement in software, music, and movie piracy. National security is also threatened by the Internet’s potential usefulness for terrorism. Taken together, these crimes have earned a new name: when FBI Director Louis J. Freeh addressed the U.S. Senate in 2000, he used the widely-accepted term “cybercrime. 

Source

Great explanation (dated though – 2006) of Section 18 of the US code and their relevant sections to cybercrime.

The main hacking laws are in the US Computer Fraud and Abuse Act passed in 1986 and has undergone several amendments. 


Based on the history of hacking, computer problems caused as a result of hacking were continuously increasing and like recent times ethical hacking became unpopular because of the notoriety of black hats. What do you think? If these laws weren’t there, ha! Imagine what would have been happening. I like the efforts of the US government on hacking. 

Hacking laws according to the US laws(Computer Fraud and Abuse Act) states, 

Hacking Law 1 

1.Whoever having knowingly accessed a computer without authorization or exceeding authorized access, and by means of such conduct having obtained information that has been determined by the United States Government pursuant to an Executive order or statute to require protection against unauthorized disclosure for reasons of national defense or foreign relations, or any restricted data, as defined in paragraph y of section 11 of the Atomic Energy Act of 1954, with reason to believe that such information so obtained could be used to the injury of the United States, or to the advantage of any foreign nation, willfully communicates, delivers, transmits, or causes to be communicated, delivered, or transmitted, or attempts to communicate, deliver, transmit or cause to be communicated, delivered, or transmitted the same to any person not entitled to receive it, or willfully retains the same and fails to deliver it to the officer or employee of the United States entitled to receive it; 

Hacking Law 2 

2.Intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains– 

Information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602(n) of title 15, or contained in a file of a consumer reporting agency on a consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.); 

B.Information from any department or agency of the United States; or 

C. Information from any protected computer if the conduct involved an interstate or foreign communication;

Hacking law 3 

3. Intentionally, without authorization to access any nonpublic computer of a department or agency of the United States, accesses such a computer of that department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States and such conduct affects that use by or for the Government of the United States; 

hacking law 4 

4 Knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period; 

A.Knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer; 

B. Intentionally accesses a protected computer without authorization, and as a result of such conduct, recklessly causes damage; or 

C. Intentionally accesses a protected computer without authorization, and as a result of such conduct, causes damage;

Source

Reporting Cyber-Crimes:

Every day, criminals are invading countless homes and offices across the nation—not by breaking down windows and doors, but by breaking into laptops, personal computers, and wireless devices via hacks and bits of malicious code. 

The collective impact is staggering. Billions of dollars are lost every year repairing systems hit by such attacks. Some take down vital systems, disrupting and sometimes disabling the work of hospitals, banks, and 9-1-1 services around the country. 

Who is behind such attacks? It runs the gamut—from computer geeks looking for bragging rights…to businesses trying to gain an upper hand in the marketplace by hacking competitor websites, from rings of criminals wanting to steal your personal information and sell it on black markets…to spies and terrorists looking to rob our nation of vital information or launch cyber strikes. 

Today, these computer intrusion cases—counterterrorism, counterintelligence, and criminal—are the paramount priorities of our cyber program because of their potential relationship to national security. 

Combating the threat. In recent years, we’ve built a whole new set of technological and investigative capabilities and partnerships—so we’re as comfortable chasing outlaws in cyberspace as we are down back alleys and across continents. That includes: 

A Cyber Division at FBI Headquarters “to address cyber crime in a coordinated and cohesive manner”; 

Specially trained cyber squads at FBI headquarters and in each of our 56 field offices, staffed with “agents and analysts who protect against investigate computer intrusions, theft of intellectual property and personal information, child pornography and exploitation, and online fraud”; 

New Cyber Action Teams that “travel around the world on a moment’s notice to assist in computer intrusion cases” and that “gather vital intelligence that helps us identify the cyber crimes that are most dangerous to our national security and to our economy;” 

Our 93 Computer Crimes Task Forces nationwide that “combine state-of-the-art technology and the resources of our federal, state, and local counterparts”; 

A growing partnership with other federal agencies, including the Department of Defense, the Department of Homeland Security, and others—which share similar concerns and resolve in combating cyber crime.

Source

How to Report Computer Hackers 

Many computer users fall prey to hackers and the crimes they perpetrate on unsuspecting individuals and companies. If a crime occurs in your home or business, it’s not difficult to report the computer hacker. 

Determine which agency has jurisdiction over the crime. This will depend upon whether the crime was committed at your home or at your business, and the address of that particular location. If you live within city limits, the proper agency will generally be a police department in your town. If you live outside the city limits, within the county, contact your local sheriff’s office. 

Call the non-emergency phone number for your local police department or sheriff’s office to report the crime. Ask to speak with someone in the detective’s division about an Internet crime.

Source

Reporting Computer Hacking, Fraud and Other Internet-Related Crime 

The primary federal law enforcement agencies that investigate domestic crime on the Internet include: the Federal Bureau of Investigation (FBI), the United States Secret Service, the United States Immigration and Customs Enforcement (ICE) , the United States Postal Inspection Service, and the Bureau of Alcohol, Tobacco and Firearms (ATF) . Each of these agencies has offices conveniently located in every state to which crimes may be reported. Contact information regarding these local offices may be found in local telephone directories. In general, federal crime may be reported to the local office of an appropriate law enforcement agency by a telephone call and by requesting the “Duty Complaint Agent.” 
Each law enforcement agency also has a headquarters (HQ) in Washington, D.C., which has agents who specialize in particular areas. For example, the FBI and the U.S. Secret Service both have headquarters-based specialists in computer intrusion (i.e., computer hacker) cases.

Ohio Laws Around Hacking

We are often asked for specific details of the legal issues surrounding hacking, computer intrusion and other criminal acts around infosec. Specifically, many of our Ohio clients ask for specific pointers. As such, similarly to what we did a couple of weeks ago with regard to child pornography, here is some vital information about the topic.

Computer hacking in Ohio falls under unauthorized use of property. Generally this is a misdemeanor of the 4th degree. If the hacking is for the purpose of obtaining property or services and the loss is under $1000 it is a 1st degree misdemeanor. Losses between $1,000-$7,500 it is a 5th degree felony, between $7,500-$150,000 it is a 4th degree felony and over $150,000 it is a 3rd degree felony. If the victim is elderly or disabled, then computer hacking is automatically at least a 5th degree felony, depending on the circumstances. 

This information is directly from the Ohio state government website and should be the most up to date info available.

Statute 2909.04 also has a section on computer intrusion and hacking, prohibiting the aforementioned activities in so far as they may interfere with the ability of public services or emergency response.

This information was obtained here.

To report instances of computer intrusion in Ohio, citizens are directed to contact their local law enforcement/sheriff’s office. In addition, citizens and organizations should also consider notifying the Federal Bureau of Investigation (FBI), as federal laws are also likely to apply. You can contact the FBI directly through a variety of methods detailed here. 

(NOTE: MSI is not providing legal advice of any kind, consult your attorney or council for legal advice. This material is simply meant to be a pointer for education. MSI is NOT qualified to offer legal advice under any circumstance.)

Hello from DayCon!

I have spent some time this week at DayCon in Dayton, Ohio. This is a small hacker conference, with attendance by invitation only. This year the event was focused on attack sources, emerging trends and new insights into the cutting edge of dealing with cyber-crime across many vertical markets and countries.

I speak later today, and I am focusing on the history of cyber-crime, the crime stream, the criminal value chain and how information coalesces before an attack. I look forward to my talk, especially given how engaged the crowd has been thus far with the other speakers. The hallway conversations have been great! 

Lots of variety in the speakers here, with professors, researchers, hackers and even some ICS/SCADA folks in attendance. Lots of good insights floating around and even a few new product ideas!

I’d highly suggest you check out DayCon next year.

PS – Also, looking at the calendar, we are prepping for DerbyCon next week. Come out and see us there. I will be speaking on the Stolen Data Impact Model (SDIM) project and other topics. Plus, as usual, we will be haunting the halls and swinging from the rafters! 🙂 See you in Louisville! 

Wednesday Cyber SA 21AUG2013 – TREMENDOUS Amount of News!

Good Wednesday Morning Fans of Cyber Mania News…

Lots of cyber related news out of the People’s Republic of China today – ENISA & NIST sound off, Islamic Republic of Iran has some noteworthy items and of course the token Russia Cyber story for the cyber fan from Leeds, UK…enjoy!

People’s Republic of China denies role in cyber-attacks on United States; Claim themselves victim of hacking – The Economic Times
http://economictimes.indiatimes.com/tech/internet/china-denies-role-in-cyber-attacks-on-united-states-claim-themselves-victim-of-hacking/articleshow/21931101.cms
Beijing’s Rising Hacker Stars…How Does Mother China React?
http://fmso.leavenworth.army.mil/documents/Beijings-rising-hackers.pdf

People’s Republic of China monitors online chatter as users threaten state hold on the internet
http://www.theguardian.com/world/2013/aug/20/china-internet-listening-citizens-views
Chinese lawyers targeted as Xi Jinping tightens control – Telegraph
http://www.telegraph.co.uk/news/worldnews/asia/china/10254632/Chinese-lawyers-targeted-as-Xi-Jinping-tightens-control.html
Xue Manzi: How Chinese social media can be a force for good
http://www.danwei.com/xue-manzi-how-chinese-social-media-can-be-a-force-for-good/

Chinese Man Who Offered To Install “Hacker” software is arrested 男子给网吧提供“黑客”软件 获刑三年罚金十万-资讯-黑基安全网
http://www.hackbase.com/news/2013-08-20/116340.html

Conflict Breeds Cyber Attacks | Analysis Intelligence
http://analysisintelligence.com/cyber-defense/conflict-breeds-cyber-attacks/?
Mapped: The 7 Governments the U.S. Has Overthrown – By J. Dana Stuster
http://www.foreignpolicy.com/articles/2013/08/19/map_7_confirmed_cia_backed_coups?page=full

PLA (中國人民解放軍)advancing laser weapons program|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000102&cid=1101
中國人民解放軍 (PLA) Lanzhou MAC organizes confrontation training – People’s Daily Online
http://english.people.com.cn/90786/8370233.html
More college students applying for entry into the military, Zhao Shengnan reports in Beijing.
http://english.peopledaily.com.cn/90786/8368846.html
Hagel, Chinese Defense Minister Commit To Cooperation But Tensions Clear
http://breakingdefense.com/2013/08/19/hagel-pla-leader-commit-to-cooperation-but-tensions-clear/?
People’s Republic of China, U.S. agree on new steps to enhance military cooperation – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370788.html
US, People’s Republic of China (中華人民共和國) agree on new ways to enhance military cooperation|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000123&cid=1101
Advance toward new type of China-U.S. mil-to-mil relations – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370960.html
Chinese professor warns of “democracy trap” – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/20/c_132646879.htm

People’s Republic of China, U.S. Ink Deal to Counter Illicit Atomic Trafficking | GSN | NTI
http://www.nti.org/gsn/article/us-inks-multiple-deals-counter-illicit-atomic-trafficking/
Chinese shipbuilder reveals breakthrough technology – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/20/c_132646180.htm
CNOOC Gas undertakes China’s first floating LNG project – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/15/c_132633910.htm
People’s Republic of China’s Huawei And Security: The Bigger Picture
http://www.crn.com/news/networking/240160101/huawei-and-security-the-bigger-picture.htm?
People’s Republic of China’s Huawei Exec: We Need To Be A Better Communicator
http://www.crn.com/news/networking/240160097/huawei-exec-we-need-to-be-a-better-communicator.htm?

3 reasons Baidu is aiming high in Indonesia
http://www.techinasia.com/3-reasons-why-baidu-expanding-indonesia/?

Business Insider’s Reporting on the (中華人民共和國) People’s Republic of China
http://blog.hiddenharmonies.org/2013/08/business-insiders-reporting-on-china/
JPMorgan Chase Hit With China Bribery Probe
http://www.thenewamerican.com/economy/sectors/item/16360-jpmorgan-chase-hit-with-china-bribery-probe

Apple iPad market share plummets in China as domestic vendors grow
http://www.computerworld.com/s/article/9241731/Apple_iPad_market_share_plummets_in_China_as_domestic_vendors_grow?
Apple said to be close to 4G deal with China Mobile|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1204&MainCatID=12&id=20130816000097
Commentary: Well-behaved int’l firms welcomed in the People’s Republic of China – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/19/c_132643309.htm
Xinhua Insight: Police reveal details of GSK China’s alleged violations – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-07/26/c_132574386.htm

Why is China so Afraid of a Small Protest?
http://thediplomat.com/china-power/why-is-china-so-afraid-of-a-small-protest/?
With Bo Xilai on Trial, China Adopts Chongqing Model
http://thediplomat.com/china-power/with-bo-xilai-on-trial-china-adopts-chongqing-model/?

Russia Setting up Cyber Warfare Unit Under Military
http://www.ibtimes.co.uk/articles/500220/20130820/russia-cyber-war-hack-moscow-military-snowden.htm#!

Iran Trains Students to Target Drones |
http://defensetech.org/2013/08/19/iran-trains-students-to-target-drones/
Three Major Al-Qaida Forums Disrupted by DDOS Attack
http://news.softpedia.com/news/Three-Major-Al-Qaida-Forums-Disrupted-by-DDOS-Attack-376443.shtml

Digital Dao: The Cyber Kill Chain: Trademarked by Lockheed Martin?
Lockheed Martin is just angry they did not receive a $ SIX BEEELIION Cyber Contract from Uncle Sam…C’mon guys your background check would have caught the traitor Booz Allen Hamilton gave the world 🙂

http://jeffreycarr.blogspot.com/2013/08/the-cyber-kill-chain-trademarked-by.html

Infosecurity… Major Media Organizations Still Vulnerable Despite High Profile Hacks |
http://www.infosecurity-us.com/view/34043/infosecurity-exclusive-major-media-organizations-still-vulnerable-despite-high-profile-hacks/
Countering Advanced Persistent Threats with Comprehensive Network Security
http://www.infosecisland.com/blogview/23351-Countering-Advanced-Persistent-Threats-with-Comprehensive-Network-Security-.html
Total Defense | Blog | The cyber-attacks transformation
http://www.totaldefense.com/blogs/2013/08/19/the-cyber-attacks-transformation.aspx?
Angry Kitten…Electronic Warfare Development Targets Fully Adaptive Threat Response Technology
http://www.gatech.edu/newsroom/release.html?nid=228881

Thinking Differently: Unlocking the Human Domain in Support of the 21st Century Intelligence Mission | Small Wars Journal
http://smallwarsjournal.com/jrnl/art/thinking-differently-unlocking-the-human-domain-in-support-of-the-21st-century-intelligence

NIST Updates Patching and Malware Avoidance Guides
http://www.infosecurity-us.com/view/34070/nist-updates-patching-and-malware-avoidance-guides/
Thousands affected in US Energy agency breach
http://www.scmagazine.com.au/News/354011,thousands-affected-in-us-energy-agency-breach.aspx?utm_source=feedly
ENISA Report Outlines Incidents Causing Major Outages at Telcos | SecurityWeek.Com
http://www.securityweek.com/enisa-report-outlines-incidents-causing-major-outages-telcos?

Enjoy!

Semper Fi,

謝謝
紅龍

People’s Republic of China Cyber Situation Awareness for 7 AUG 2013

Good day folks;

Today’s edition of the People’s Republic of China Cyber Situation Awareness for 7 AUG 2013 includes some very interesting tidbits on the more claims of Intellectual Property theft by Chinese State Owned Enterprises…Sinovel for example…stay tuned for some interesting analysis regarding the world’s largest wind farm in Panama and the ties to the People’s Republic of China via the good ‘ol USA…

People’s Republic of China SOE SINOVEL, paid insider ‘to kill my company…’ 謝謝您, @zenrandom 紅龍
http://investigations.nbcnews.com/_news/2013/08/06/19566531-chinese-firm-paid-insider-to-kill-my-company-american-ceo-says#comments
Chinese Comment Crew caught taking over a fake Water Plant
http://securityaffairs.co/wordpress/16961/hacking/chinese-comment-crew-caught-taking-over-a-fake-water-plant.html
Flipboard is Now Blocked In China, But Chinese Edition Of App Is Left Unmolested
http://www.techinasia.com/china-great-firewall-blocks-flipboard/?
People’s Republic of China’s evolution on North Korea…”…No more petulance or obstinate behaviour…”
http://koreajoongangdaily.joins.com/news/article/article.aspx?aid=2975673
Is the People’s Republic of China a challenge to the existing international order? |
http://www.opendemocracy.net/openglobalrights/jiangnan-zhu/is-china-challenge-to-existing-international-order
People’s Republic of China funding development of Gwadar Port in Pakistan
http://www.dnaindia.com/india/1871210/report-china-funding-development-of-gwadar-port-in-pakistan-antony
Fighting corruption in the People’s Republic of China backfires by driving resistance
http://www.chinapost.com.tw/commentary/the-china-post/frank-ching/2013/08/07/385770/Fighting-corruption.htm
People’s Republic of China’s Huawei recruiting City workers for new London finance centre
http://www.computerworlduk.com/news/it-business/3462369/huawei-recruiting-city-workers-for-new-london-finance-centre/
China’s People’s Daily continues attack on US constitution
http://www.scmp.com/news/china/article/1294861/peoples-daily-continues-attack-us-constitution

Cybercrime as a Service
http://resources.infosecinstitute.com/cybercrime-as-a-service/

Enjoy Folks!

Semper Fi –

謝謝

紅龍

Cyber Situational Awareness (SA) for 6AUG2013

Good day Folks;

Below are series of very interesting and relevant cyber situational articles for reading and study.

Please pay particular attention to an uptick in the news regarding two of the People’s Republic of China’s significant State Owned Enterprises (SOE) Huawei and Lenovo…

The Diversified Employment of China’s Armed Forces
http://goo.gl/kN10J8
People’s Republic of China’s C919 commercial jet to have maiden flight in 2015|
Hey Airbus & Boeing, these are not the airframe copies you are looking for…

http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130806000083&cid=1102
Wiki reboot: Chinese Wikipedia makes comeback after early censorship
A censorship blackout lost Chinese Wikipedia many of its users. Now a new generation of mainland volunteers is resuscitating the site

http://www.scmp.com/lifestyle/arts-culture/article/1293878/wiki-reboot-chinese-wikipedia-makes-comeback-after-early
Is the People’s Republic of China’s vast Web monitoring actually helping to grow democracy?
http://www.washingtonpost.com/blogs/worldviews/wp/2013/08/05/is-chinas-vast-web-monitoring-actually-helping-to-grow-democracy/
People’s Republic of China’s Ministry of Truth: Worse Than the Soviet Union
WAR IS PEACE • FREEDOM IS SLAVERY • IGNORANCE IS STRENGTH

Ministry of Truth: Worse Than the Soviet Union


People’s Daily chief moves to State Council Information Office
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1601&MainCatID=16&id=20130512000014
Lu Wei, People’s Republic of China’s new internet chief
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1601&MainCatID=16&id=20130513000005
‘Father of Great Firewall’ steps down from Beijing university|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130719000080&cid=1601
People’s Republic of China: Internet playing a major role in US military strategy|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1501&MainCatID=15&id=20130620000124
French Gvmt Report Warns of Money Laundering by Chinese, Russians in Wine Deals-Caijing
http://english.caijing.com.cn/2013-08-06/113135788.html
AirSea Battle, A2/AD and the Offense-Defense Balance
http://thediplomat.com/flashpoints-blog/2013/08/06/airsea-battle-a2ad-and-the-offense-defense-balance/?all=true
Decoding Xi Jinping’s ‘China Dream’
http://www.csmonitor.com/World/Asia-Pacific/2013/0726/Decoding-Xi-Jinping-s-China-Dream
People’s Republic of China’s Huawei $44 Million Connection Between Pakistan & China; Will it Be Censored?
http://www.techinasia.com/huawei-lay-44-million-fiberoptic-cableconnecting-pakistan-china/?
Despite spy raps, Filipino DepEd taking China computers from People’s Republic of China’s Huawei

Despite spy raps, DepEd taking China computers


India…Foreign vendors (HUAWEI) won’t share design details of telecom equipment
http://www.thehindu.com/news/national/foreign-vendors-wont-share-design-details-of-telecom-equipment/article4993082.ece
US a high-risk place for data theft, second only to People’s Republic of China, say German companies
http://www.wired.co.uk/news/archive/2013-08/06/germany-fears-us-surveillance

Where Hackers and Spooks Mingle
Seeking to Boost Their Ranks, Government-Security Experts Try to Woo Tech-Minded Rebels at Two Vegas Conferences

http://online.wsj.com/article/SB10001424127887323420604578648401799914658.html
Companies ‘not aware’ of being hacked
http://www.news24.com/Technology/News/Companies-not-aware-of-being-hacked-20130802

New cyber range promotes cyber warfare…in Hawaii, closer to the People’s Republic of China…
http://www.kaleo.org/news/new-cyber-range-promotes-cyber-security/article_fea371f2-fd7b-11e2-8312-0019bb30f31a.html

The Future of US Cyber Command
http://rpdefense.over-blog.com/the-future-of-us-cyber-command

NSA Revelations Hurt Collaboration With Hackers Who Now Feel Betrayed
http://www.businessinsider.com/nsa-revelations-hurt-collaboration-with-hackers-who-now-feel-betrayed-2013-8?
XKeyscore a ‘God-terminal’ into Internet | Germany | DW.DE | 03.08.2013
http://www.dw.de/xkeyscore-a-god-terminal-into-internet/a-16994780

Feds Are Suspects in New Malware That Attacks Tor Anonymity | Threat Level |
http://www.wired.com/threatlevel/2013/08/freedom-hosting/

Triangle universities strengthen cybersecurity as hackers grow bolder | Technology |
http://www.newsobserver.com/2013/08/04/3081674/triangle-universities-strengthen.html
Hacker’s Mysterious Death Prompts Concerns About Pacemakers
http://www.wtma.com/common/more.php?m=58&ts=1375709704&article=A5AE5E8FFDCF11E286DEFEFDADE6840A&mode=2
Malicious Bank of America (BofA) ‘Statement of Expenses’ themed emails lead to client-side exploits and malware
http://blog.webroot.com/2013/08/06/malicious-bank-of-america-bofa-statement-of-expenses-themed-emails-lead-to-client-side-exploits-and-malware/
Anatomy of a cryptographic oracle – understanding (and mitigating) the BREACH attack
http://nakedsecurity.sophos.com/2013/08/06/anatomy-of-a-cryptographic-oracle-understanding-and-mitigating-the-breach-attack/?
Freedom Hosting arrest and takedown linked to Tor privacy compromise
http://nakedsecurity.sophos.com/2013/08/05/freedom-hosting-arrest-and-takedown-linked-to-tor-privacy-compromise/?

Inside Japan’s invisible army
http://tech.fortune.cnn.com/2013/08/05/inside-japans-invisible-army/

The Dangers of a Sensationalist Portrayal of Veterans

Enjoy!

Semper Fi;

謝謝
紅龍

Cyber Threat Situational Awareness for 09JUL2013

Good Day Folks;

Below is a short list of some of the latest stories you need to be aware of to maintain & improve your Cyber Threat Situational Awareness for today,09JUL2013…

矽對海洋和平,帕拉戰爭 or in Latin…Si vis pacem, para bellum…

Talking Cyberthreat With the People’s Republic of China

http://www.nytimes.com/2013/07/10/opinion/global/talking-cyberthreat-with-china.html?_r=0

Traitor Snowden revelations imperil cyber hacking talks with People’s Republic of China |

http://www.intellasia.net/snowden-revelations-imperil-cyber-hacking-talks-with-china-292273

Patriot hacker ‘The Jester’ attacks nations offering Snowden help

http://www.theregister.co.uk/2013/07/04/patriot_hacker_takes_aim_snowden_asylum_candidates/

South Korea Attackers ‘Pierced Military Networks’
Same crew that hit TV stations and banks managed to get malware onto military networks


http://www.techweekeurope.co.uk/news/mcafee-south-korea-attackers-military-hacks-121219?

Dissecting operation Troy: Cyberespionage in South Korea
http://www.net-security.org/article.php?id=1861
How Cybercriminals Operate — Dark Reading
A look at cybercriminal motives, resources, and processes — and how they may affect enterprise defense


http://www.darkreading.com/perimeter/how-cybercriminals-operate/240157738

Iran Planning Cyber Drills
http://english.farsnews.com/newstext.aspx?nn=13920415000930
US agency baffled by modern technology, destroys mice to get rid of viruses
The US Economic Development Administration (EDA) is an agency in the Department of Commerce takes a cyber threat property destruction lesson from the German Government 🙂 “…$170,000 of PCs, printers, keyboards, cameras, and mice destroyed in gross overreaction.”


http://arstechnica.com/information-technology/2013/07/us-agency-baffled-by-modern-technology-destroys-mice-to-get-rid-of-viruses/

Across Europe, Nations Mold Cyber Defenses

http://www.defensenews.com/article/20130709/DEFREG01/307090008/Across-Europe-Nations-Mold-Cyber-Defenses

Enjoy!

Semper Fi…

謝謝紅龍

Sign up for updates from MSI: http://eepurl.com/dk1PE