
America’s Department of Defense (DOD) “coordinates the operational functions of the United States’ nuclear forces with a 1970s computer system that uses 8-inch floppy disks,” says a report by the United States Government Accountability Office.


On January 13, US President Barack Obama, speaking at the National Cybersecurity and Communications Integration Center (NCCIC), addressed the issue of cybersecurity, one day after the official Twitter account for the US Central Command (Centcom) was hacked by supporters of the Islamic State.


“The individuals who do these types of attacks are well aware of the pressure points and pain points, economic-wise,” says Dr. John Hale, a cybersecurity expert at the University of Tulsa. “They know what they can extract, how much they can extract.

“They prey upon two things: an organization’s reliance on information systems and two, the common situation, where an organization is a little bit behind on backup procedures and policies to prevent these types of things. It really is easy pickings for the bad guys.”

Crypto ransomware is designed to encrypt data stored on the computer, making the data useless unless the user obtains the key to decrypt it. A message details the ransom, which is typically paid in digital currencies such as bitcoin. Locker ransomware locks the computer or device’s interface — save for the ability to interact with the hacker — and demands money to restore it.


Hmmmmm.


“We had analysts crawling all over that,” says Chappell of the Hold Security cache. “Quickly it was clear that a lot of those were from previous breaches.”

Anyone using this tool would have had a rapid assessment of their potential exposure. If breached data turns out to be new, the next task is to understand how it might have ended up in the hands of criminals. There are several sources for breached data including straight database theft but also phishing attacks and malware campaigns, each with its own dynamics and set of business implications.

“Instant responders are in a horrible position. They have to work out whether it [the breach] is genuine or not — Google is not effective,” says Chappell.

I am glad that D. Whyte recognizes “If quantum computers are developed faster than anticipated, certification would mandate insecure modules, given the time to approve and implement new quantum resistant algorithms. Worse, it is conceivable that data encrypted by a certified module is more vulnerable than data encrypted by a non-certified module that has the option of using a quantum-safe encryption algorithm.”

Because many of us who are researching and developing in this space have seen the development pace accelerated this year and what was looking like we’re 10 years away is now looking like we’re less than 7 years.


Dr. William Whyte, Chief Scientist for Security Innovation, a cybersecurity provider and leader in the 2015 Gartner Magic Quadrant for Security Awareness Training, will be presenting at the Fourth International Cryptographic Module Conference in Ottawa, Ontario.


Privacy is practically a joke anymore.


A hacker known as “Peace” is selling what is reportedly account information from 117 million LinkedIn users. The stolen data is said to include email addresses and passwords, which a malicious party could use to gain access to other websites and accounts for which people used the same password.

LinkedIn says it has about 433 million members worldwide, so this data could represent 27% of its user base.

The hacker says the credentials were obtained during a LinkedIn data breach in 2012 that saw 6.5 million encrypted passwords posted online, according to Motherboard. But the leak now appears to be much larger than was thought at the time. Peace is selling the data for about $2,200 (5 bitcoin) on the Dark Web, the part of the internet accessible only with a special browser that masks user identities.

Given the fact that Los Alamos Labs have been and continue to advance cyber security work on the Quantum Internet as well as work in partnerships with other labs and universities, why isn’t Mason collaborating with Los Alamos on developing an improved hacker proof net? Doesn’t look like the most effective and cost efficient approach.


Imagine burglars have targeted your home, but before they break in, you’ve already moved and are safe from harm.

Now apply that premise to protecting a computer network from attack. Hackers try to bring down a network, but critical tasks are a step ahead of them, thanks to complex algorithms. The dreaded “network down” or denial of service message never flashes on your screen.

That’s the basic idea behind new research by George Mason University researchers, who recently landed some $4 million in grants from the Defense Advanced Research Projects Agency (DARPA). George Mason’s researchers are leading an effort that includes Columbia University, Penn State University and BAE Systems.

In the US we have an old saying, “fight fire with fire,” and in this case, “fight bots with bot/s.” It should be noted, having a bot or any type of AI on your network is not necessarily going to prevent 100% of the hacking and cyber threats today due to the weak connected infrastructure across the net, etc. However, to counterattack the pesky bots that we’re seeing around online ads, click monitoring can be limited by AI.


Roughly half of all Web traffic comes from bots and crawlers, and that’s costing companies a boatload of money.

That’s one finding from a report released Thursday by DeviceAtlas, which makes software to help companies detect the devices being used by visitors to their websites.

Non-human sources accounted for 48 percent of traffic to the sites analyzed for DeviceAtlas’s Q1 Mobile Web Intelligence Report, including legitimate search-engine crawlers as well as automated scrapers and bots generated by hackers, click fraudsters and spammers, the company said.

CRISPR to take bio- and dirty-bombs to new levels.
Great; however, QC needs to be front and center on this; or, I see a bunch of funding spent on research that will be rendered useless by the time it goes to market due to the progress in QC.

I truly feel bad for the labs who are having to test for bio- and dirty-bomb material. Really a dangerous job.


The Defense Advanced Research Projects Agency (DARPA) is looking for research proposals to develop a system that would enable the government and law enforcement to identify the actual individual behind a cyber attack.

The Enhanced Attribution Program proposal is looking to create the technology that would allow not only the collection of data that could pinpoint the perpetrator, but do so in a way that would not put at risk the sources and methods used to find the person or group. From DARPA’s perspective the need for this is quite straightforward.