now browsing by tag


#nationalcybersecuritymonth | The Web’s Bot Containment Unit Needs Your Help — Krebs on Security

Source: National Cyber Security – Produced By Gregory Evans

Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding.

Image: Ghostbusters.

Shadowserver provides free daily live feeds of information about systems that are either infected with bot malware or are in danger of being infected to more than 4,600 ISPs and to 107 national computer emergency response teams (CERTs) in 136 countries. In addition, it has aided the FBI and other nations’ federal law enforcement officials in “sinkholing” domain names used to control the operations of far-flung malware empires.

In computer security lexicon, a sinkhole is basically a way of redirecting malicious Internet traffic so that it can be captured and analyzed by experts and/or law enforcement officials. Typically, a sinkhole is set up in tandem with some kind of legal action designed to wrest control over key resources powering a malware network.

Some of these interventions involving ShadowServer have been documented here, including the Avalanche spam botnet takedown, the Rustock botnet takeover, the Gameover malware botnet seizure, and the Nitol botnet sneak attack. Last week, Shadowserver was instrumental in helping Microsoft kneecap the Necurs malware network, one of the world’s largest spam and malware botnets.


Image: Shadowserver.org

Sinkholing allows researchers to assume control over a malware network’s domains, while redirecting any traffic flowing to those systems to a server the researchers control. As long as good guys control the sinkholed domains, none of the infected computers can receive instructions about how to harm themselves or others online.

And Shadowserver has time and again been the trusted partner when national law enforcement agencies needed someone to manage the technical side of things while people with guns and badges seized hard drives at the affected ISPs and hosting providers.

But very recently, Shadowserver got the news that the company which has primarily funded its operations for more than 15 years, networking giant Cisco Systems Inc., opted to stop providing that support.

Cisco declined to respond to questions about why it withdrew funding. But it did say the company was exploring the idea of supporting the organization as part of a broader support effort by others in the technology industry going forward.

“Cisco supports the evolution of Shadowserver to an industry alliance enabling many organizations to contribute and grow the capabilities of this important organization,” the company said in a written statement. “Cisco is proud of its long history as a Shadowserver supporter and will explore future involvement as the alliance takes shape.”

To make matters worse, Shadowserver has been told it needs to migrate its data center to a new location by May 15, a chore the organization reckons will cost somewhere in the neighborhood of $400,000.

“Millions of malware infected victims all over the world, who are currently being sinkholed and protected from cybercriminal control ​by Shadowserver, may lose that critical protection – just at the time when governments and businesses are being forced to unexpectedly stretch their corporate security perimeters and allow staff to work from home on their own, potentially unmanaged devices, and the risk of another major Windows worm has increased,” Shadowserver wrote in a blog post published today about their financial plight.

The Shadowserver Foundation currently serves 107 National computer emergency response teams (CERTs) in 136 countries, more than 4,600 vetted network owners and over 90% of the Internet, primarily by giving them free daily network reports.

“These reports notify our constituents ​about millions of misconfigured, compromised, infected or abusable devices for remediation every day,” Shadowserver explained.

The group is exploring several options for self-funding, but Shadowserver Director Richard Perlotto says the organization will likely depend on a tiered “alliance” funding model, where multiple entities provide financial support.

“Many national CERTs have been getting our data for free for years, but most of these organizations have no money and we never charged them because Cisco paid the bill,” Perlotto said. “The problem for Shadowserver is we don’t blog about our accomplishments very frequently and we operate pretty quietly. But now that we need to do funding it’s a different story.”

Perlotto said while Shadowserver’s data is extremely valuable, the organization took a stance long ago that it would never sell victim data.

“This does not mean that we are anti-commercial sector activities – we definitely believe that there are huge opportunities for innovation, for product development, and to sell cyber security services,” he said. “Shadowserver does not seek to compete with commercial vendors, or disrupt their business models. But we do fundamentally believe that no-one should have to pay to find out that they have been a victim of cybercrime.”

Most immediately, Shadowserver needs to raise approximately $400,000 by the end of this month to manage the migration of its 1,300+ servers out of Cisco’s California data center into a new facility.

Anyone interested in supporting that migration effort can do so directly here; Shadowserver’s contact page is here.

Update 10:46 a.m., ET: Added comment from Cisco.

Tags: Cisco Systems, Richard Perlotto, Shadowserver Foundation

Source link

The post #nationalcybersecuritymonth | The Web’s Bot Containment Unit Needs Your Help — Krebs on Security appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Tomás Saraceno spins webs of symbolism at Palazzo Strozzi

Source: National Cyber Security – Produced By Gregory Evans

‘Are you arachnophobic?’ I’m asked before entering ‘Aria’, the new Tomás Saraceno exhibition at Palazzo Strozzi in the heart of Florence. 

The Argentine installation artist known for his environmental concerns has turned the webs of spiders into objects of monumental significance – a way to meditate on the ‘new potentials of urbanism’ in an era of ecological upheaval.

Saraceno is using the exhibition to ask: ‘If spiders could speak our human languages, what would they communicate to us?’

The artist keeps many spiders in his Berlin studio. In large glass tanks, he allows different species, sourced from habitats all over the world, to weave their webs together in unison.

Tomás Saraceno, Aria installation at Palazzo Strozzi, Firenze; Photography: ® Studio Tomás Saraceno 2020

Once these organic, architectural imaginaria are deemed complete, Saraceno carefully douses the webs with light-sensitive dust. In Florence, in an entirely darkened room, the contents of the glass cases are lit by spotlights installed below.

A single live spider is present to welcome the crowds. He sits entirely still in a humble corner of his web. His legs are as thin as the strands that surround him. He can’t possibly, one assumes, navigate – or even have a concept of – the great world he has created here for us to study. Yet his creation is awe-inspiring. For Saraceno, the tiny spider’s web might allow us to consider ‘another infrastructure, another way of living on this planet.’ They are, he says, potential pointers towards ‘future cities.’

Spiders are feared. Their webs are reflections of our deepest psyche. They haunt our dreams and populate our metaphors, from the ancient myths onwards – like Neith, the Egyptian Goddess of weaving, or the Greek goddess Arachne, who was depicted as half-spider half-human in Gustave Doré’s illustration of Dante’s Purgatorio.

Today, massive spiders pick their spindly legs between skyscrapers in Hollywood blockbusters or cling to female forms on our advertising hoardings. They have been used, often to terrifying effect, by some of art history’s greatest practitioners. Most notably by Louise Bourgeois as allegories for her abusive mother, but also by Otto Henry Bacher, Vija Celmins and Candace Wheeler, and on film by Ingmar Bergman and Denis Villeneuve.

Tomás Saraceno, Aria installation at Palazzo Strozzi, Firenze; Photography: ® Ela Bialkowska, OKNO Studio 2020

They are carnivorous, granted. They wait for the vibrations of their web, for an unassuming mortal to fly too close, and then spin and wrap their stunned prey in silk. Some have bites that would condemn any of us to a grizzly death. Female variants of some spider species devour their mate, headfirst, as they copulate. It’s easy, on some levels, to see why they’re hated.

But what a tremendously irrational fear. For, when they are not disturbed, spiders are serene beings. In comparison to the devastation humanity wreaks on its common native earthlings on a daily basis, spiders are pacifists. And, as so ably demonstrated by Saraceno, they are architects capable of ‘helping us to radically think about how we can live on this planet.’

‘I’m a huge admirer of spiders,’ Saraceno says. ‘And I have for quite some time been studying how they build their webs.’

Most of us, as children, will remember looking upon a spider’s web, heavy with dew, in the morning light. Those memories are evoked by this show. In neighbouring rooms to the real webs, Saraceno has made man-made approximations of webs, now animated by lights and metals and mirrors. In one room, a floor to ceiling structure, made with black rope, knots and metal fastenings you might find in a field at Glastonbury, denotes a spider’s web in human scale, our visible reflection asking us orientate ourselves within this system of strands – perhaps relating to our own existence as individuals caught in a collective system, a literal interweb. 

Tomás Saraceno, Aria installation at Palazzo Strozzi, Firenze; Photography: ® Studio Tomás Saraceno 2020

It’s almost as if Saraceno is actively trying to draw a comparison – perhaps an unfavourable one – between the creations of nature and our frequent attempts to manufacture artificial facsimiles for own purposes.

Saraceno is happy to frame the exhibition in the rhetoric of environmentalism. At times, these themes are explicit. Pens full of smog from Mumbai are suspended over a white canvas on the end of adjoined strings attached to floating balloons. In another room, a frogs-spawn of glass domes held to the ceiling, house what design boutiques call ‘air plants’, cacti-like foliage, unattached to anything, but somehow, against the odds, alive. 

Then there’s a room of sweeping lights and mirrors that throw a kaleidoscope of marbled, moving light-etchings across the wall. It’s a glimpse at a kind of utopia as if we’re above the clouds at first light. 

Spiders, Saraceno notes, are able to colonise unlikely places all over the world – whilst always developing and maintaining an equilibrium with their surroundings. Perhaps, Saraceno is suggesting, these creatures, who lurk in the corner of the rooms or become caught in our vacuum cleaners, actually possess great wisdom. Maybe, caught within their webs, are answers to questions that have remained elusive to humanity for so long. 

Tomás Saraceno, Aria installation at Palazzo Strozzi, Firenze; Photography: ® Ela Bialkowska, OKNO Studio 2020

If we are to find a way to sustainably exist on this planet whilst also taking care of each other, maybe we could learn to stop fearing the humble spider – and be inspired by them instead. §

Source link

The post #deepweb | <p> Tomás Saraceno spins webs of symbolism at Palazzo Strozzi <p> appeared first on National Cyber Security.

View full post on National Cyber Security