Less

now browsing by tag

 
 

Chinese #Hacking Efforts More #Strategic, Less #Noisy

Source: National Cyber Security – Produced By Gregory Evans


Chinese hackers, once some of the most careless and noisy hackers around, have become very careful and much more strategic at choosing the targets they go after.

The prototype of the Chinese hacker is well documented in the cyber-security industry. Chinese actors hack whatever they can, grab whatever they can, and sift through the data after the fact.

They also don’t care about stealth, rarely hide their tracks, and operate based on a set of general instructions that trickle down through a convoluted network of state agencies and private companies.

Nation-state cyber operations have been going on since the mid-90s, but it was only after the appearance of Chinese actors in the early 2000s that people started to pay more attention to the world of cyber-espionage.

While Russian and US groups were focusing on carrying out secret operations, putting most of their efforts into remaining hidden, Chinese hackers came like a flood and drove a truck through the front door with no regard for getting detected.

In fact, the term APT (advanced persistent threat), now used to describe hacker groups believed to be operating on the orders and under the protection of local governments, initially stood for Asia-Pacific Threat, mainly because of the onslaught of Chinese hacks at the start of the 2000s.

US-China pact had a temporary effect on Chinese hacking operations

Their clumsiness and noisy actions eventually landed China at odds with the US, and political tensions rose so much that in the autumn of 2015, Chinese and US authorities had to meet and sign a mutual pact where neither government would “conduct or knowingly support cyber-enabled theft of intellectual property.”

The pact effectively limited nation-state hacking between the two countries to intelligence gathering operations only.

This agreement had an immediate result, and after six months cyber-security firm FireEye noted that the pact and a series of military reforms had visibly slowed down China’s cyber-espionage operations.

In reality, Chinese hackers didn’t stop hacking, but just started choosing their targets more carefully.

Chinese hackers become more careful

Instead of driving a truck through the front door, Chinese hacker groups started to pick locks and operate in the shadows.

For example, the clever hack and poisoning of the CCleaner app is believed to have been carried out by a Chinese APT codenamed Axiom. And let’s not forget the well-planned hacks of cloud providers so Chinese hackers could silently reach into organizations’ internal networks.

“There was indeed a decrease in activity of Chinese APTs following the pact,” Tom Hegel, Senior Threat Researcher at 401TRG, told Bleeping Computer.

“They became more strategic and operate with improved tactics since then,” Hegel added. “They were once very noisy with little care for operational security. These days it’s more strategically controlled.”

Three reports detail new Chinese hacking operations

This is why it’s so rare and most likely a coincidence that we’ve seen three reports released in the past two weeks describing various cyber operations, all linked to China.

“I personally wouldn’t say these reports are a resurgence [of Chinese hacking activity], but rather a continued increase in public reporting and identification,” Hegel said.

The first of these three new reports detailing Chinese APT activity was published last week by RiskIQ. The report details a new remote access trojan named htpRAT that was used against various targets in Laos.

The RAT comes with the ability to log keystrokes, take screenshots, record audio and video from a webcam or computer microphone, install and uninstall programs and manage files. Infrastructure reuse links the group behind this malware with PlugX, the decade-old favorite malware of multiple Chinese APTs.

A second report was released yesterday by PwC’s cyber-security division. The report highlights new activity from a Chinese APT known as KeyBoy [1, 2], previously dormant for around four years.

The report also highlights a new RAT that can take screenshots, exfiltrate files, and download and run other malware. While previously the group targeted Taiwan, Tibet, and the Philippines, the group is now going after Western organizations. Parys says the group appears to currently be interested in corporate espionage.

Last but not least, we have Check Point’s revised report on the IoT_Reaper botnet. New evidence reveals that command and control domains used by the Reaper botnet were registered with an email address that is connected to the Black Vine Chinese APT, the group that breached health insurance provider Anthem in 2015.

It’s still a mystery why a cyber-espionage group would be building an IoT botnet. Some could say the group is creating a tool that could be used to launch DDoS attacks against targets the Chinese government would like to silence. Another theory is that Black Vine would use the botnet as a layer of proxies to hide future operations.

All in all, we’re seeing both a curb and maturation of Chinese hacking efforts, some of which can be attributed to the military reforms enforced by President Xi Jinping after he took power in 2012 when he said that government and military elements should stop using state resources for their own agendas.

The post Chinese #Hacking Efforts More #Strategic, Less #Noisy appeared first on National Cyber Security Ventures.


Time for a less #hacker-friendly #Social Security system

Source: National Cyber Security – Produced By Gregory Evans


Last month’s announcement by Equifax that its consumer-credit database suffered a catastrophic hacking attack meant nearly half of all Americans had their Social Security numbers and vital financial information exposed to theft. The threat of massive-scale identity theft is very real.

Equifax is only the latest of multiple, large-scale data-hacking incidents. It’s time for the federal government to come up with a more secure identification code to protect citizens. That’s not just our assessment; the White House cybersecurity coordinator, Rob Joyce, also has concluded that the Social Security numbering system has “outlived its usefulness.”

Think about your own Social Security number and the hundreds of times you’ve shared it with companies, schools, doctors, government agencies or other institutions that insisted they had a legitimate need for it. Always with the promise to keep it confidential, of course. Older Americans can recall when their Social Security numbers were used on their driver’s license or university IDs. There were those nine digits, for all to see.

Really industrious hackers can find Social Security numbers by accessing old court documents. No one is safe, and it really comes down to whose number hits on the hacking roulette wheel of chance. There has to be a better, more secure way.

“It’s a flawed system,” Joyce told The Washington Post this month. “If you think about it, every time we use the Social Security number you put it at risk. By interacting with it, you’ve given a key piece of information out publicly.”

Joyce wants the government to consider more modern means of providing citizens with a unique identifying code that can be used for transactions but also remain protected from hackers. He calls it a “modern cryptographic identifier.”

The longer the nation delays such an update, the greater the vulnerability we all will face. Right now, anyone who accesses basic information on Facebook or a simple Google search can identify where you grew up. That helps identify where you lived when your Social Security number was issued. That simple information helps reveal the first three digits of your Social Security number because those numbers were assigned geographically.

The last four digits are numbers we all routinely give out when speaking to customer service representatives to straighten out, say, credit card or phone billing questions. So seven of the nine digits already are vulnerable. Programmers have designed a computer algorithm that can accurately guess people’s Social Security numbers 44 percent of the time.

That’s scary. Americans are far too vulnerable. The potential losses from the Equifax breach alone could wind up in the billions of dollars. The cost of modernizing Social Security’s numbering system also wouldn’t be cheap.

Hackers around the world are betting the government will continue delaying and dithering. Sadly, they’re probably right.

The post Time for a less #hacker-friendly #Social Security system appeared first on National Cyber Security Ventures.


Hackers have made just 3.7 bitcoin – or less than $10,000 – with the latest cyberattack

Source: National Cyber Security – Produced By Gregory Evans

Those behind the recent cyberattack affecting businesses around Europe have successfully received a total of nearly 4 bitcoins, worth around $9621 at today’s price. On Tuesday, reports emerged of a ransomware virus affecting businesses and governments throughout Eastern Europe. Ukraine and Russia have been particularly affected. The malware, which has…

The post Hackers have made just 3.7 bitcoin – or less than $10,000 – with the latest cyberattack appeared first on National Cyber Security Ventures.


Looking for love? A poor credit score can make you less attractive in the dating scene.

Forget the power of pheromones. Want to make yourself more attractive to a potential mate? Make sure you have a good credit score. Turns out that having a great credit history …

The post Looking for love? A poor credit score can make you less attractive in the dating scene. appeared first on Become007.com.


Less than 44% of shipping companies have cyber security plans

Source: National Cyber Security – Produced By Gregory Evans

Cyber security is one of the hottest topics in shipping at present, yet just 43.75% of maritime businesses have a plan in place to tackle the issue. A survey by Sea Asia of CEOs, chairmen and directors of maritime and …

The post Less than 44% of shipping companies have cyber security plans appeared first on National Cyber Security Ventures.


A plus-size dating coach says attraction is less about weight than we think

In a tech-dependent dating culture, where it takes but a swipe to reject someone, single fat women can see the venture of finding love online as incredibly difficult. When couples therapist and fellow plus-size woman Krista Niles discovered a key piece of research on male online daters, she spent a year gaming the algorithm of a popular dating app to ensure fat babes were only matched with fat-preferring or indifferent partners. This is the cornerstone of The Curvy Cupid Course, Niles’ online group course that takes plus-size women step by step through dating via OKCupid.

The post A plus-size dating coach says attraction is less about weight than we think appeared first on Dating Scams 101.


Russia May Be Hacking Us More, But China Is Hacking Us Much Less


Source: National Cyber Security – Produced By Gregory Evans


In a rare bit of good cyber security news, Chinese hacking thefts of American corporate secrets have plummeted in the 13 months since China signed an agreement with the Obama administration to curb economic espionage, U.S. officials and outside experts

The post Russia May Be Hacking Us More, But China Is Hacking Us Much Less appeared first on National Cyber Security.


Schools With Wider Grade Spans Have Less Bullying, N.Y.C. Study Finds – Inside School Research – Education Week

“What’s the only thing worse than being the new kid in 8th grade? Being the new kid in 6th grade.” It’s not a joke; it’s the latest research on how school grade structure affects students.


The post Schools With Wider Grade Spans Have Less Bullying, N.Y.C. Study Finds – Inside School Research – Education Week appeared first on Parent Security Online.


Schools See Less Crime, Fewer Students Feel Unsafe, Federal Data Show – Rules for Engagement – Education Week

Continuing long trend lines, fewer students report fearing harm at school, and rates of school-based victimization have also declined, the most recent federal data show.


The post Schools See Less Crime, Fewer Students Feel Unsafe, Federal Data Show – Rules for Engagement – Education Week appeared first on Parent Security Online.


Cornell Researchers Find, Shortened URLs Make File Sharing Less Secure


Attackers can search easily through shortened URL services that use only 5 to 7 characters, producing a small search space, making them vulnerable to brute-force hacking, Cornell researchers discovered.

Shortened URLs are convenient for sharing long Web addresses in email messages and through social media, but at the same time, pose a privacy hazard as the URLs produced by popular services are so short they are vulnerable to brute-force searching, a Cornell Tech research effort found.

In a paper published in April, two researchers revealed that the 5- and 6-character URLs produced by popular shortening services could be easily searched to discover sensitive documents inadvisedly shared by their owners. Attackers could scan shortened URLs at a sustained rate of 2.6 lookups every second, and would only have to pay $36,700 to rent the cloud computing time necessary to do so, co-authors Martin Georgiev and Vitaly Shmatikov stated in the report.

The lesson for users is that the obfuscation of a shortened link does not add security, Shmatikov, a professor of computer science at Cornell Tech, told eWEEK via email.

“When you share a short link, you should assume that you are sharing with everybody … whether it’s [a] OneDrive document or driving directions from your home address,” he said. “When cloud services offer users to generate a short link—like OneDrive did until recently—they should warn the users that by generating the link they are making the content public.”

The researchers found more than 70 million URL mappings on Bit.ly and almost 24 million URL mappings on Google Maps through their technique. To study the privacy implications, the researchers focused on Microsoft’s OneDrive cloud storage offering. They found that nearly 20,000 URLs linked to a file or folder on Microsoft’s OneDrive or SkyDrive service. The accounts could be traversed by anyone with the shortened URL who uses a brute-force search, to discover other files on the sharer’s cloud space.

Many of the accounts allowed anyone with the shortened URL to write to the folder, change a file and save it, raising concerns that attackers could embed malware into the files.

The shortening services need to make the URLs at least eight characters to make the space of all possible URLs computationally difficult to search, Shmatikov said.

“Given computing and scanning capabilities available today, eight characters or longer should be reasonably safe for now,” he said.

After Georgiev and Shmatikov notified Google of the security risk, the company increased the number of characters used by the shortened URLs produced by Google Maps to at least 11. eWEEK confirmed that Google Maps currently assigns shortened URLs of 12 characters.

Microsoft, on the other hand, did not acknowledge the weaknesses, but made two changes: It removed the “shorten link” option from OneDrive and blocked the systematic enumeration of files and folders by users with a shortened link, the researchers said.

“The only change in this respect is that having discovered one shared document, it is no longer trivial to discover all other shared documents in the same account since the account traversal methodology described in the paper no longer seems to work,” Shmatikov said.

Cornell Tech is a New York City-based graduate and research institution founded by Cornell University.

Source: http://www.eweek.com/security/shortened-urls-make-file-sharing-less-secure-cornell-researchers-find.html


The post Cornell Researchers Find, Shortened URLs Make File Sharing Less Secure appeared first on AmIHackerProof.com.
