Unit

now browsing by tag

 
 

#childpredator | Predators among us: TTPS to launch sexual offences unit | Local News | #parenting | #parenting | #kids

Predators are among us! In the last week alone, more than 10 cases of sexual assault against minors were heard in the courts and today, two more men were expected […] View full post on National Cyber Security

#nationalcybersecuritymonth | The Web’s Bot Containment Unit Needs Your Help — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding.

Image: Ghostbusters.

Shadowserver provides free daily live feeds of information about systems that are either infected with bot malware or are in danger of being infected to more than 4,600 ISPs and to 107 national computer emergency response teams (CERTs) in 136 countries. In addition, it has aided the FBI and other nations’ federal law enforcement officials in “sinkholing” domain names used to control the operations of far-flung malware empires.

In computer security lexicon, a sinkhole is basically a way of redirecting malicious Internet traffic so that it can be captured and analyzed by experts and/or law enforcement officials. Typically, a sinkhole is set up in tandem with some kind of legal action designed to wrest control over key resources powering a malware network.

Some of these interventions involving ShadowServer have been documented here, including the Avalanche spam botnet takedown, the Rustock botnet takeover, the Gameover malware botnet seizure, and the Nitol botnet sneak attack. Last week, Shadowserver was instrumental in helping Microsoft kneecap the Necurs malware network, one of the world’s largest spam and malware botnets.

https://krebsonsecurity.com/

Image: Shadowserver.org

Sinkholing allows researchers to assume control over a malware network’s domains, while redirecting any traffic flowing to those systems to a server the researchers control. As long as good guys control the sinkholed domains, none of the infected computers can receive instructions about how to harm themselves or others online.

And Shadowserver has time and again been the trusted partner when national law enforcement agencies needed someone to manage the technical side of things while people with guns and badges seized hard drives at the affected ISPs and hosting providers.

But very recently, Shadowserver got the news that the company which has primarily funded its operations for more than 15 years, networking giant Cisco Systems Inc., opted to stop providing that support.

Cisco declined to respond to questions about why it withdrew funding. But it did say the company was exploring the idea of supporting the organization as part of a broader support effort by others in the technology industry going forward.

“Cisco supports the evolution of Shadowserver to an industry alliance enabling many organizations to contribute and grow the capabilities of this important organization,” the company said in a written statement. “Cisco is proud of its long history as a Shadowserver supporter and will explore future involvement as the alliance takes shape.”

To make matters worse, Shadowserver has been told it needs to migrate its data center to a new location by May 15, a chore the organization reckons will cost somewhere in the neighborhood of $400,000.

“Millions of malware infected victims all over the world, who are currently being sinkholed and protected from cybercriminal control ​by Shadowserver, may lose that critical protection – just at the time when governments and businesses are being forced to unexpectedly stretch their corporate security perimeters and allow staff to work from home on their own, potentially unmanaged devices, and the risk of another major Windows worm has increased,” Shadowserver wrote in a blog post published today about their financial plight.

The Shadowserver Foundation currently serves 107 National computer emergency response teams (CERTs) in 136 countries, more than 4,600 vetted network owners and over 90% of the Internet, primarily by giving them free daily network reports.

“These reports notify our constituents ​about millions of misconfigured, compromised, infected or abusable devices for remediation every day,” Shadowserver explained.

The group is exploring several options for self-funding, but Shadowserver Director Richard Perlotto says the organization will likely depend on a tiered “alliance” funding model, where multiple entities provide financial support.

“Many national CERTs have been getting our data for free for years, but most of these organizations have no money and we never charged them because Cisco paid the bill,” Perlotto said. “The problem for Shadowserver is we don’t blog about our accomplishments very frequently and we operate pretty quietly. But now that we need to do funding it’s a different story.”

Perlotto said while Shadowserver’s data is extremely valuable, the organization took a stance long ago that it would never sell victim data.

“This does not mean that we are anti-commercial sector activities – we definitely believe that there are huge opportunities for innovation, for product development, and to sell cyber security services,” he said. “Shadowserver does not seek to compete with commercial vendors, or disrupt their business models. But we do fundamentally believe that no-one should have to pay to find out that they have been a victim of cybercrime.”

Most immediately, Shadowserver needs to raise approximately $400,000 by the end of this month to manage the migration of its 1,300+ servers out of Cisco’s California data center into a new facility.

Anyone interested in supporting that migration effort can do so directly here; Shadowserver’s contact page is here.

Update 10:46 a.m., ET: Added comment from Cisco.



Tags: Cisco Systems, Richard Perlotto, Shadowserver Foundation

Source link

The post #nationalcybersecuritymonth | The Web’s Bot Containment Unit Needs Your Help — Krebs on Security appeared first on National Cyber Security.

View full post on National Cyber Security

Measurement, Data, and Infographics with Growth Creatures: STEAM Unit

Have you used infographics with your students? If you teach any math or science standards related to graphing or analyzing data, they are a perfect way to incorporate visual arts standards to take instruction to […]

The post Measurement, Data, and Infographics with Growth Creatures: STEAM Unit appeared first on EducationCloset.

View full post on EducationCloset







#pso #htcs #b4inc

Read More

The post Measurement, Data, and Infographics with Growth Creatures: STEAM Unit appeared first on Parent Security Online.

View full post on Parent Security Online

STEAM Integration Unit: Joyful Noise Poems for 2 Voices

Music and poetry have a natural connection, and they are explored together in the brand new unit, Joyful Noise. In this unit, students are challenged in the area of reading fluency. Each poem in the […]

The post STEAM Integration Unit: Joyful Noise Poems for 2 Voices appeared first on EducationCloset.

View full post on EducationCloset







#pso #htcs #b4inc

Read More

The post STEAM Integration Unit: Joyful Noise Poems for 2 Voices appeared first on Parent Security Online.

View full post on Parent Security Online

Mandalas Music and Math STEAM Unit

When we talk about arts integration and STEAM, sometimes we forget that integration can (and should!) happen between fine arts areas too.  We spend so much time thinking about standards that naturally connect across the […]

The post Mandalas Music and Math STEAM Unit appeared first on EducationCloset.

View full post on EducationCloset







#pso #htcs #b4inc

Read More

The post Mandalas Music and Math STEAM Unit appeared first on Parent Security Online.

View full post on Parent Security Online

San Diego Sheriff’s Sexual Assault Unit Makes Two Arrests At Mar Vista High

Child-Abuse-Prevention-Month

The San Diego Sheriff’s Sexual Assault Unit has arrested Martin Albert Gallegos, a 48-year-old ROTC substitute teacher at Mar Vista High School on five counts of sexual conduct with a minor – a female student who is a senior at the school on Saturday, April 9.
On April 8, a Sheriff’s School Resource Officer was notified of the incident and authorities believe the relationship had been going on for a few weeks. An investigation confirmed Gallegos had a relationship with the student.
Gallegos was arrested and booked into the San Diego Central Jail. He has posted bail and his court date is set for April 19, 2016.

Read More

The post San Diego Sheriff’s Sexual Assault Unit Makes Two Arrests At Mar Vista High appeared first on Parent Security Online.

View full post on Parent Security Online

1.5 million customer data for sale online as Verizon’s anti-data breach unit hacked

Source: National Cyber Security – Produced By Gregory Evans

Headline grabbing hacks such as Sony and Talk Talk previously had both personal and corporate data increasingly at risk as these companies failed to keep personal information secure. Last week, hackers stole contact information of business customers of Verizon’s B2B unit, Verizon Enterprise Solutions. Verizon’s B2B unit provides cybersecurity solutions and consulting to a majority of the Fortune 500 companies. It is popular for its annual Data Breach Investigations Report, also known as DBIR in the industry. Verizon said that an attacker exploited a security vulnerability in its enterprise client portal to steal the contact information of 1.5 million enterprise customers. Verizon’s B2B unit provides cybersecurity solutions and consulting to a majority of the Fortune 500 companies. It is popular for its annual Data Breach Investigations Report, also known as DBIR in the industry. KrebsOnSecurity, which first broke this news, reported that since Verizon Enterprise reportedly works with 99 percent of Fortune 500 companies, so many of those enterprises could find themselves the victims of targeted attacks or phishing scams. The post on KrebsOnSecurity finds Verizon admitting that it had identified a security flaw that had allowed hackers to gain access to customer contact information. The company said that that […]

The post 1.5 million customer data for sale online as Verizon’s anti-data breach unit hacked appeared first on National Cyber Security.

View full post on National Cyber Security

China’s Elite Hacking Unit Disappeared Inexplicably

The company that helped uncover major online security breaches from China last year says exposing the hackers had the effect of shutting them down — at least temporarily.

Last year, the New York Times reported on what it believed to be an elite Chinese military unit that had been sitting on its networks, quietly spying on it and countless other U.S. companies. The news kicked off months’ worth of debate about America’s exposure to cyberattack.

The unit, labeled as “Advanced Persistent Threat 1” or APT1 by the independent security firm Mandiant, usually communicates with the malware it has installed in various targets year-round.
According to a new report from Mandiant published on Thursday, APT1 ceased virtually all its activity in early 2013.

An unusual behavior for this group was compared to previous years. And found an abnormal pattern compared to other threats Mandiant tracks and that it says are based in China.

After the Times report, this advanced persistent threat didn’t stop its activities for more than a couple months. If anything, its command and control communications seemed to intensify in late summer last year compared to previous years.

“This is actually fascinating evidence (data in graphs by Mandiant) that shows that you have an adaptive adversary,” said Allan Friedman, a cybersecurity scholar at George Washington University. “If we interpret this as a fairly complete sample, then it looks like they shut down things as soon as this information was published.”

That’s supported by another finding in the Mandiant report showing that APT1 abruptly changed the IP addresses it was using to access its malware when Mandiant issued its own profile on the hacking unit.

The drop in activity may also suggest that “naming and shaming” by the United States is a viable tactic, said Jason Healey, a cyber-scholar at the Washington-based Atlantic Council.
What’s still unclear is who arranged the change in behavior. It’s possible that higher-ups in the Chinese government were not aware of what APT1 was doing, said Friedman. If that’s the case, he said, then upon seeing the U.S. reports, Beijing may have called down to stop the activity because it didn’t serve China’s strategic mission. But Friedman adds there’s also a chance that APT1’s espionage was part of an officially sanctioned program, and that when APT1 was detected, its tactics changed simply to limit the Chinese government’s exposure to criticism.

Source: http://whogothack.blogspot.co.uk/2014/04/chinas-elite-hacking-unit-disappeared.html#.VjPpffmqqko

The post China’s Elite Hacking Unit Disappeared Inexplicably appeared first on Am I Hacker Proof.

View full post on Am I Hacker Proof

State forms campus rape unit

New York State Police plan to assign 12 senior investigators to help campus and local police statewide deal with college date rapes under the state’s new consent law. Superintendent Joseph D’Amico said Wednesday that the new victims unit will also employ nurse examiners as consultants to ensure evidence is properly documented and collected and cases are promptly investigated. Read More….

The post State forms campus rape unit appeared first on Dating Scams 101.

View full post on Dating Scams 101

CellAntenna announces new high power RF Multiband Remote Unit for use in mobile phone jamming and managed access applicationsNational Cyber Security

nationalcybersecurity.com – DDOS Attack OnDead www.valentimgentil.sp.gov.br HAGING By DreamerS Meu site: http://d3f4c3rbr.esy.es/f1/f1/ —————————————————-TAGS——————————… #gregoryevans #HTCS #PSO #B4Inc As people streamed out …

View full post on Hi-Tech Crime Solutions Daily