Wednesday Cyber SA 21AUG2013 – TREMENDOUS Amount of News!

Good Wednesday Morning Fans of Cyber Mania News…

Lots of cyber related news out of the People’s Republic of China today – ENISA & NIST sound off, Islamic Republic of Iran has some noteworthy items and of course the token Russia Cyber story for the cyber fan from Leeds, UK…enjoy!

People’s Republic of China denies role in cyber-attacks on United States; Claim themselves victim of hacking – The Economic Times
http://economictimes.indiatimes.com/tech/internet/china-denies-role-in-cyber-attacks-on-united-states-claim-themselves-victim-of-hacking/articleshow/21931101.cms
Beijing’s Rising Hacker Stars…How Does Mother China React?
http://fmso.leavenworth.army.mil/documents/Beijings-rising-hackers.pdf

People’s Republic of China monitors online chatter as users threaten state hold on the internet
http://www.theguardian.com/world/2013/aug/20/china-internet-listening-citizens-views
Chinese lawyers targeted as Xi Jinping tightens control – Telegraph
http://www.telegraph.co.uk/news/worldnews/asia/china/10254632/Chinese-lawyers-targeted-as-Xi-Jinping-tightens-control.html
Xue Manzi: How Chinese social media can be a force for good
http://www.danwei.com/xue-manzi-how-chinese-social-media-can-be-a-force-for-good/

Chinese Man Who Offered To Install “Hacker” software is arrested 男子给网吧提供“黑客”软件 获刑三年罚金十万-资讯-黑基安全网
http://www.hackbase.com/news/2013-08-20/116340.html

Conflict Breeds Cyber Attacks | Analysis Intelligence
http://analysisintelligence.com/cyber-defense/conflict-breeds-cyber-attacks/?
Mapped: The 7 Governments the U.S. Has Overthrown – By J. Dana Stuster
http://www.foreignpolicy.com/articles/2013/08/19/map_7_confirmed_cia_backed_coups?page=full

PLA (中國人民解放軍)advancing laser weapons program|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000102&cid=1101
中國人民解放軍 (PLA) Lanzhou MAC organizes confrontation training – People’s Daily Online
http://english.people.com.cn/90786/8370233.html
More college students applying for entry into the military, Zhao Shengnan reports in Beijing.
http://english.peopledaily.com.cn/90786/8368846.html
Hagel, Chinese Defense Minister Commit To Cooperation But Tensions Clear
http://breakingdefense.com/2013/08/19/hagel-pla-leader-commit-to-cooperation-but-tensions-clear/?
People’s Republic of China, U.S. agree on new steps to enhance military cooperation – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370788.html
US, People’s Republic of China (中華人民共和國) agree on new ways to enhance military cooperation|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130820000123&cid=1101
Advance toward new type of China-U.S. mil-to-mil relations – People’s Daily Online
http://english.peopledaily.com.cn/90786/8370960.html
Chinese professor warns of “democracy trap” – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/20/c_132646879.htm

People’s Republic of China, U.S. Ink Deal to Counter Illicit Atomic Trafficking | GSN | NTI
http://www.nti.org/gsn/article/us-inks-multiple-deals-counter-illicit-atomic-trafficking/
Chinese shipbuilder reveals breakthrough technology – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/20/c_132646180.htm
CNOOC Gas undertakes China’s first floating LNG project – Xinhua | English.news.cn
http://news.xinhuanet.com/english/china/2013-08/15/c_132633910.htm
People’s Republic of China’s Huawei And Security: The Bigger Picture
http://www.crn.com/news/networking/240160101/huawei-and-security-the-bigger-picture.htm?
People’s Republic of China’s Huawei Exec: We Need To Be A Better Communicator
http://www.crn.com/news/networking/240160097/huawei-exec-we-need-to-be-a-better-communicator.htm?

3 reasons Baidu is aiming high in Indonesia
http://www.techinasia.com/3-reasons-why-baidu-expanding-indonesia/?

Business Insider’s Reporting on the (中華人民共和國) People’s Republic of China
http://blog.hiddenharmonies.org/2013/08/business-insiders-reporting-on-china/
JPMorgan Chase Hit With China Bribery Probe
http://www.thenewamerican.com/economy/sectors/item/16360-jpmorgan-chase-hit-with-china-bribery-probe

Apple iPad market share plummets in China as domestic vendors grow
http://www.computerworld.com/s/article/9241731/Apple_iPad_market_share_plummets_in_China_as_domestic_vendors_grow?
Apple said to be close to 4G deal with China Mobile|
http://www.wantchinatimes.com/news-subclass-cnt.aspx?cid=1204&MainCatID=12&id=20130816000097
Commentary: Well-behaved int’l firms welcomed in the People’s Republic of China – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-08/19/c_132643309.htm
Xinhua Insight: Police reveal details of GSK China’s alleged violations – Xinhua | English.news.cn
http://news.xinhuanet.com/english/indepth/2013-07/26/c_132574386.htm

Why is China so Afraid of a Small Protest?
http://thediplomat.com/china-power/why-is-china-so-afraid-of-a-small-protest/?
With Bo Xilai on Trial, China Adopts Chongqing Model
http://thediplomat.com/china-power/with-bo-xilai-on-trial-china-adopts-chongqing-model/?

Russia Setting up Cyber Warfare Unit Under Military
http://www.ibtimes.co.uk/articles/500220/20130820/russia-cyber-war-hack-moscow-military-snowden.htm#!

Iran Trains Students to Target Drones |
http://defensetech.org/2013/08/19/iran-trains-students-to-target-drones/
Three Major Al-Qaida Forums Disrupted by DDOS Attack
http://news.softpedia.com/news/Three-Major-Al-Qaida-Forums-Disrupted-by-DDOS-Attack-376443.shtml

Digital Dao: The Cyber Kill Chain: Trademarked by Lockheed Martin?
Lockheed Martin is just angry they did not receive a $ SIX BEEELIION Cyber Contract from Uncle Sam…C’mon guys your background check would have caught the traitor Booz Allen Hamilton gave the world 🙂

http://jeffreycarr.blogspot.com/2013/08/the-cyber-kill-chain-trademarked-by.html

Infosecurity… Major Media Organizations Still Vulnerable Despite High Profile Hacks |
http://www.infosecurity-us.com/view/34043/infosecurity-exclusive-major-media-organizations-still-vulnerable-despite-high-profile-hacks/
Countering Advanced Persistent Threats with Comprehensive Network Security
http://www.infosecisland.com/blogview/23351-Countering-Advanced-Persistent-Threats-with-Comprehensive-Network-Security-.html
Total Defense | Blog | The cyber-attacks transformation
http://www.totaldefense.com/blogs/2013/08/19/the-cyber-attacks-transformation.aspx?
Angry Kitten…Electronic Warfare Development Targets Fully Adaptive Threat Response Technology
http://www.gatech.edu/newsroom/release.html?nid=228881

Thinking Differently: Unlocking the Human Domain in Support of the 21st Century Intelligence Mission | Small Wars Journal
http://smallwarsjournal.com/jrnl/art/thinking-differently-unlocking-the-human-domain-in-support-of-the-21st-century-intelligence

NIST Updates Patching and Malware Avoidance Guides
http://www.infosecurity-us.com/view/34070/nist-updates-patching-and-malware-avoidance-guides/
Thousands affected in US Energy agency breach
http://www.scmagazine.com.au/News/354011,thousands-affected-in-us-energy-agency-breach.aspx?utm_source=feedly
ENISA Report Outlines Incidents Causing Major Outages at Telcos | SecurityWeek.Com
http://www.securityweek.com/enisa-report-outlines-incidents-causing-major-outages-telcos?

Enjoy!

Semper Fi,

謝謝
紅龍

64 Bit OS Reminder for HoneyPoint

Just a quick note to help folks who are using HoneyPoint, regardless of version. If you are having trouble with execution on a 64 bit operating system, remember that HoneyPoint binaries are 32 bit. To run them on 64 bit OS’s, you need ensure that you have the 32 bit compatibility tools installed.

For Windows, read this.

For Ubuntu, read this.

For other operating systems, please consult your operating system vendors’ documentation. If we can be of any assistance, please contact your HoneyPoint support person.

Thanks!

How Honeypots Can Help Safeguard Your Information Systems

 

 

 

 

 

 

 

A honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.

It is important to note that honeypots are not a solution in themselves. They are a tool. How much they can help you depends upon what you are trying to achieve.

There are two different types of honeypots: production and research. Production honeypots are typically used by companies and corporations. They’re easy to use and capture only limited information.

Research honeypots are more complex. They capture extensive information, and used primarily by research, military, or government organizations.

The purpose of a production honeypot is to mitigate risk to an organization. It’s part of the larger security strategy to detect threats. The purpose of a research honeypot is to collect data on the blackhat community. They are used to gather the general threats against an organization, enabling the organization to strategize their response and protect their data.

The value of honeypots lies in their simplicity. It’s technology that is intended to be compromised. There is little or no production traffic going to or from the device. This means that any time a connection is sent to the honeypot, it is most likely to be a probe, scan, or even attack. Any time a connection is initiated from the honeypot, this most likely means the honeypot was compromised. As we say about our HoneyPoint Security Server, any traffic going to or from the honeypot is, by definition, suspicious at best, malicious at worst. Now, this is not always the case. Mistakes do happen, such as an incorrect DNS entry or someone from accounting inputting the wrong IP address. But in general, most honeypot traffic represents unauthorized activity. What are the advantages to using honeypots?

  1. Honeypots collect very little data. What they do collect is normally of high value. This eliminates the noise, making it much easier to collect and archive data. One of the greatest problems in security is sifting through gigabytes of useless data to find something meaningful. Honeypots can give users the exact information they need in a quick and easy to understand format.
     
  2. Many security tools can drown in bandwidth usage or activity. NIDs (Network Intrusion Detection devices) may not be able to handle network activity, and important data can fall through the cracks. Centralized log servers may not be able to collect all the system logs, potentially dropping logs. The beauty of honeypots is that they only capture that which comes to them.

Many of our clients swear by our HoneyPoint family of products to help save resources. With its advantages, it’s easy to see why! Leveraging the power of honeypots is an excellent way to safeguard your data.

 

How HoneyPoint Security Server Minimizes Risk For Your Network

If you’re looking for a security tool that goes beyond NIDS, you’re in luck.

MicroSolved’s HoneyPoint Security Server has revolutionized the ease and power of what honeypots can do and be. With the emergence of HoneyPoint Wasp, you can also apply the HoneyPoint magic to your Windows desktops. 

HoneyPoint Wasp monitors your desktops for any new applications it has not seen before (Anomaly Detection). Should Wasp detect new code, the end-user will never see a pop-up alert. Instead, you will be notified and able to quickly take action. Should the notification go without follow-up action, HoneyPoint Wasp assumes the allowed application, and no future notification will be sent to the console (Self-Tuning White Listing).

As you’ll see in a moment, the HoneyPoint Security Server is much more than a mere intrusion detection system.. It’s an underlying framework of rock-solid code that’s been built to achieve three important goals: identify real threats, isolate and tamper with the attacker’s results, and “smart” detection processes that allow you to target attacker availability.

Let’s take a look at each of these goals, and why they matter to what you’re doing online…

Click to continue…