Syber Group

Pawn Storm Hacking Develops New Tools For Cyberespionage

December 17, 2015 by  
Filed under Security


A Russian cyberespionage group known as Pawn Storm has made use of new tools in an ongoing attack campaign against defense contractors with the goal of defeating network isolation policies.

Pawn Storm, also known as Sofacy, after its primary malware tool, has been active since at least 2007 and has targeted governmental, security and military organizations from NATO member countries, as well as media organizations, Ukrainian political activists and Kremlin critics.

Since August, the group has been engaged in an attack campaign focused on defense contractors, according to security researchers from Kaspersky Lab.

During this operation, the group has used a new version of a backdoor program called AZZY and a new set of data-stealing modules. One of those modules monitors for USB storage devices plugged into the computer and steals files from them based on rules defined by the attackers.

The Kaspersky Lab researchers believe that this module’s goal is to defeat so-called network air gaps, network segments where sensitive data is stored and which are not connected to the Internet to limit their risk of compromise.

However, it’s fairly common for employees in organizations that use such network isolation policies to move data from air-gapped computers to their workstations using USB thumb drives.

Pawn Storm joins other sophisticated cyberespionage groups, like Equation and Flame, that are known to have used malware designed to defeat network air gaps.

“Over the last year, the Sofacy group has increased its activity almost tenfold when compared to previous years, becoming one of the most prolific, agile and dynamic threat actors in the arena,” the Kaspersky researchers said in a blog post. “This activity spiked in July 2015, when the group dropped two completely new exploits, an Office and Java zero-day.”

Source: http://www.thegurureview.net/aroundnet-category/pawn-storm-hacking-group-develops-new-tools-for-cyberespionage.html

Is Russia Behind Recent US Malware Attacks?

September 30, 2015 by  
Filed under Computing


While the US has been blaming China for all its cyber break-ins, it appears to have been ignoring Tsar Putin’s elite hacking team for the last seven years.

For the past seven years, a cyberespionage group operating out of Russia on the orders of Tsar Putin has been conducting a series of malware campaigns targeting governments, political think tanks and other organizations.

Researchers at F-Secure have been looking into the antics of an outfit called “the Dukes”, which has been active since at least 2008 and has evolved into a methodical developer of “zero-day” attacks. The researchers pulled together their own research with the published work of other security firms to provide a more detailed picture of the people behind a long-running family of malware.

The Dukes specialize in “smash and grab” attacks on networks, but have also used subtle, long-term intrusions that harvested massive amounts of data from their targets.

The group’s targets do include criminal organisations operating in the Russian Federation, which suggests there is some form of policing element to it. But they are mostly interested in Western governments and related organisations, such as government ministries and agencies, political think tanks and governmental subcontractors.

The F-Secure team wrote: “Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organisations associated with Chechen terrorism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.”

The group was named after its earliest-detected malware, known as PinchDuke. Its targets were associated with the Chechen separatist movement. Later that year they were going after Western governments and organisations in search of information about the diplomatic activities of the United States and NATO.

Most of the attacks used spear phishing emails as the means of injecting malware onto targeted systems; one of their attacks spread malware through a malicious Tor exit node in Russia, targeting users of the anonymising network with malware injections into their downloads.

The targets have always followed Russian government interests. There are a number of Russian-language artifacts in some of the malware, including an error message in PinchDuke. GeminiDuke also used timestamps that were adjusted to match Moscow Standard time.

Before the beginning of the Ukraine crisis, the group began using a number of decoy documents in spear phishing attacks that were related to Ukraine. They included a letter undersigned by the First Deputy Minister for Foreign Affairs of Ukraine.

However, after the crisis happened, the attacks dropped off, suggesting that it was an intelligence gathering operation. It is also a big operation, which, if operating in Russia, would most likely require state acknowledgement, if not outright support.

Source: http://www.thegurureview.net/computing-category/is-russia-behind-us-malware-attacks.html

USAA Exploring Bitcoins

May 20, 2015 by  
Filed under Around The Net


USAA, a San Antonio, Texas-based financial institution serving current and former members of the military, is researching the underlying technology behind the digital currency bitcoin to help make its operations more efficient, a company executive said.

Alex Marquez, managing director of corporate development at USAA, said in an interview that the company and its banking, insurance, and investment management subsidiaries hoped the “blockchain” technology could help decentralize its operations such as the back office.

He said USAA had a large team researching the potential of the blockchain, an open ledger of a digital currency’s transactions, viewed as bitcoin’s main technological innovation. It lets users make payments anonymously, instantly, and without government regulation.

The blockchain ledger is accessible to all users of bitcoin, a virtual currency created through a computer “mining” process that uses millions of calculations. Bitcoin has no ties to a central bank and is viewed as an alternative to paying for goods and services with credit cards.

“We have serious interest in the blockchain and we think the technology would have an impact on the organization,” said Marquez. “The fact that we have such a large group of people working on this shows how serious we are about the potential of this technology.”

USAA, which provides banking, insurance and other products to 10.7 million current or former members of the military, owns and manages assets of about $213 billion.

Marquez said USAA had no plans to dabble in bitcoin as a currency. Its foray into the blockchain reflects a trend among banking institutions trying to integrate bitcoin technology into their systems. BNY Mellon and UBS have announced initiatives to explore the blockchain technology.

Most large banks are testing the blockchain internally, said David Johnston, managing director at Dapps Venture Fund in San Antonio, Texas. “All of the banks are going through that process of trying to understand how this technology is going to evolve.”

“I would say that by the end of the year, most will have solidified a blockchain technology strategy, how the bank is going to implement and how it will move the technology forward.”

USAA is still in early stages of its research and has yet to identify how it will implement the technology.

In January this year, USAA invested in Coinbase, the biggest bitcoin company, which runs a host of services, including an exchange and a wallet, which is how bitcoins are stored by users online.


U.S. And Britain Ramping Up Cyber Defense

January 30, 2015 by  
Filed under Security


The U.S. and Britain are increasing their collaboration to thwart digital threats. They are planning to launch more attacks against each other to test their defenses and scare away possible enemies.

The U.S. and the U.K. have been working together to prevent cyber attacks for some time, but are going to increase the collaboration. They will combine their expertise to set up “cyber cells” on both sides of the Atlantic to increase the sharing of information about threats, to work out how best to protect themselves, and to create a system that lets hostile states and organizations know they shouldn’t attack, said U.K. prime minister David Cameron in an interview published by the BBC.

Cyber attacks “are one of the biggest modern threats that we face,” according to Cameron, who is visiting Washington for talks with U.S. president Barack Obama. One of the topics high on the agenda is digital security.

The countries will increase the “war games” launched at each other to test defenses. “It is happening already but it needs to be stepped up,” Cameron said, adding that British intelligence service GCHQ and the U.S. equivalent NSA have know-how that should be shared more.

“It is not just about protecting companies, it is also about protecting people’s data, about protecting people’s finances. These attacks can have real consequences to people’s prosperity,” he said.

However, in order to protect companies and citizens better, increased snooping powers to track terrorists on social networks are necessary, said Cameron. He is planning to discuss this issue with Obama and U.S. companies including Google and Facebook.

The increased cooperation between the countries comes in the wake of the Sony hack and the apparent hacking of the U.S. Central Command’s Twitter account by ISIS (Islamic State of Iraq and Syria), which posted tweets threatening families of U.S. soldiers and claiming to have hacked into military PCs.


Dell Unveils Laptop/Tablet Hybrid

April 21, 2014 by  
Filed under Computing


Dell unveiled a new 11.6-in. screen rugged laptop that literally has a twist — the screen can rotate 180 degrees to turn the device into a tablet.

At first, the Latitude 12 looks like a laptop. But within the display panel, the screen rotates 180 degrees and the laptop turns into a tablet once placed on the keyboard.

The new Latitude 12 laptop is part of a new Rugged Extreme line of laptops, which also includes the Rugged Extreme 14. The new laptops are robust and can withstand six-foot drops and remain protected from extreme weather conditions.

The laptops have hard covers that add a layer of protection, but also make the products heavy. The Latitude 12 Rugged Extreme weighs 2.72 kilograms with a four-cell battery, while the 14-in. counterpart weighs 3.54 kilograms with a six-cell battery and no optical drive.

The laptops can also withstand solar radiation, “explosive atmosphere” and weather ranging from -20 degrees to 145 degrees Fahrenheit (-29 degrees to 63 degrees Celsius), according to specifications provided by Dell. The products are targeted at field workers like emergency responders and the military, and will compete against Toughbook rugged laptops from Panasonic.

The Latitude 12 rugged laptop has a starting price of $3,649, while the Latitude 14 begins at $3,499. The laptops will ship next month.

The hybrid design in Latitude 12 has been borrowed from the company’s XPS 12 Ultrabook Touch, which has a 12.5-inch screen that can similarly flip to turn the laptop into a tablet. The resistive touch screens on both laptops can show images at a resolution of 1366 x 768 pixels.

The laptops will have storage options of up to 512GB solid-state drives. Users can configure the laptop with Intel’s latest fourth-generation Core processors, code-named Haswell. The laptops will come with either Windows 8.1 or 7, or Ubuntu Linux operating systems.

Other features include support for up to 16GB of DRAM, Wi-Fi and Gigabit Ethernet through a connector. The laptop also has USB 3.0, USB 2.0, VGA and HDMI ports. Mobile broadband and docking are available as options.


Cyber Attacks Increasing In Middle East

September 13, 2013 by  
Filed under Security


Syria’s civil war and political strife in Egypt have given birth to new battlegrounds on the Web and driven a surge in cyber attacks in the Middle East, according to a leading Internet security company.

More than half of incidents in the Gulf this year were so-called “hacktivist” attacks – which account for only a quarter of cybercrime globally – as politically motivated programmers sabotaged opposing groups or institutions, executives from Intel Corp’s software security division McAfee said on Tuesday.

“It’s mostly bringing down websites and defacing them with political messages – there has been a huge increase in cyber attacks in the Middle East,” Christiaan Beek, McAfee director for incident response forensics in Europe, Middle East and Africa (EMEA), told Reuters.

He attributed the attacks to the conflict in Syria, political turmoil in Egypt and the activities of hacking collective Anonymous.

“It’s difficult for people to protest in the street in the Middle East and so defacing websites and denial of service (DOS) attacks are a way to protest instead,” said Beek.

DOS attacks flood an organization’s website causing it to crash, but usually do little lasting damage.

The Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad, defaced an Internet recruiting site for the U.S. Marine Corps on Monday and recently targeted the New York Times website and Twitter, as well as other websites within the Middle East.

Beek described SEA as similar to Anonymous.

“There’s a group leading operations, with a support group of other people that can help,” said Beek.

McAfee opened a centre in Dubai on Monday to deal with the rising threat of Internet sabotage in the region, the most serious of which are attacks to extract proprietary information from companies or governments or those that cause lasting damage to critical infrastructure.

Cyber attacks are mostly focused on Saudi Arabia, the world’s largest oil exporter, Qatar, the top liquefied natural gas supplier, and Dubai, which is the region’s financial, commercial and aviation hub, said Gert-Jan Schenk, McAfee president for EMEA.

“It’s where the wealth and critical infrastructure is concentrated,” he said.

The “Shamoon” virus last year targeted Saudi Aramco, the world’s largest oil company, damaging about 30,000 computers in what may have been the most destructive attack against the private sector.

“Ten years ago, it was all about trying to infect as many people as possible,” added Schenk. “Today we see more and more attacks being focused on very small groups of people. Sometimes malware is developed for a specific department in a specific company.”


Will The FBI Ditch Blackberry?

July 31, 2013 by  
Filed under Smartphones


Samsung Electronics Co Ltd is close to signing a deal to sell its popular line of Galaxy devices to the U.S. Federal Bureau of Investigation, sources familiar with the situation said late last Friday.

The deal would be a boost for Samsung, which is increasingly seeking to cater to the needs of government agencies, a niche long dominated by Canadian smartphone maker BlackBerry Ltd.

The FBI, with more than 35,000 employees, at present uses mainly BlackBerry devices. It is unclear whether the agency plans to replace all BlackBerry equipment with Galaxy models or whether it will use hardware from both companies.

A spokeswoman for the FBI declined to comment on the matter, saying that the selection of its new smartphones is part of an active acquisition process and any current discussions are proprietary to the government.

The imminent deal was initially reported by the Wall Street Journal late on Thursday. The WSJ also said Samsung is close to signing a smaller order for its devices with the U.S. Navy, citing people familiar with the matter.

Representatives of BlackBerry and Samsung declined to comment. BlackBerry emphasized, however, that it regards its operating system as the best in the market in terms of security features.

“The security of mobile devices is more important now than it has ever been before,” BlackBerry’s chief legal officer, Steve Zipperstein, said in an interview. “It is fair to ask why in this context anyone would consider moving from the gold standard in security, which is the BlackBerry platform.”

In May, the U.S. Pentagon cleared Samsung’s Android mobile devices and a new line of BlackBerry devices powered by the BB10 operating system for use on Defense Department networks.

Samsung has been pushing hard to convince government agencies and corporate clients that its Galaxy devices, powered by Google Inc’s Android operating system, can meet their stringent security needs.

The South Korean company hopes that the Pentagon clearance and the imminent deal with the FBI will help boost sales to security-conscious clients including banks and law firms.

Some analysts remain skeptical about whether Android can meet all security requirements of such clients, and note that the FBI itself has highlighted some vulnerabilities of the platform.

“The Android operating system hasn’t been secured properly,” said Rob Enderle, principal analyst with Enderle Group, noting that Samsung has layered technology on top of the operating system in an attempt to make its Galaxy devices safer.


Are CCTV Cameras Hackable?

June 28, 2013 by  
Filed under Around The Net


When the nosy British bought CCTV cameras, worried citizens were told that they could not be hacked.

Now a US security expert says he has identified ways to remotely attack high-end surveillance cameras used by industrial plants, prisons, banks and the military. Craig Heffner said he discovered the previously unreported bugs in digital video surveillance equipment from firms including Cisco, D-Link and TRENDnet.

Heffner said that it was a significant threat as somebody could potentially access a camera and view it. Or they could also use it as a pivot point, an initial foothold, to get into the network and start attacking internal systems.

He will show how to exploit these bugs at the Black Hat hacking conference, which starts on July 31 in Las Vegas. Heffner said he has discovered hundreds of thousands of surveillance cameras that can be accessed via the public internet.


Satellite Phone Encryption Cracked

February 11, 2012 by  
Filed under Smartphones


German researchers claim to have cracked the algorithm that secures satellite phone transmissions.

Benedikt Driessen and Ralf Hund from Ruhr University have reverse engineered the GMR-1 and GMR-2 voice ciphers used in a lot of satellite systems. These are used by, among others, government agencies and the military.

Bjoern Rupp, CEO at GSMK Cryptophone said, “This breakthrough has major implications for the military, civilians engaged on overseas operations, or indeed anyone using satellite phones to make sensitive calls in turbulent areas.”

Their report is titled “Don’t Trust Satellite Phones” and shows how someone with a “suitably programmed computer” and software radio capable of receiving satellite frequencies can hack calls. These include ones made by disaster relief agencies and the military.


China Denies Hack Attack

November 2, 2011 by  
Filed under Security


China has denied involvement in hacking US environment monitoring satellites.

Last week the US-China Economic and Security Review Commission released a draft report about several incidents where US satellites were interfered with in 2007 and 2008.

The Commission did not say that the attacks were traced back to China, but it did cite China’s military as a prime suspect, due to the similarity of the techniques used with “authoritative Chinese military writings” on disabling satellite control.

The hackers gained access to the satellites on at least four occasions through a ground station in Norway. The unauthorised access lasted for between two and 12 minutes. While the attacks did no real damage, they did demonstrate that it is possible to hijack satellites, which is a worrying realisation when military satellites are taken into consideration.

China has a bad reputation throughout the world for alleged cyber attacks, often being the first to be blamed when a major attack has been discovered. The US has not been the only target either, with alleged attacks against Canada and France having been reported earlier this year.

“[The US] has always been viewing China with colored lenses. This report is untrue and has ulterior motives. It’s not worth a comment,” said Hong Lei, a spokesperson for the Chinese Foreign Ministry, according to Reuters.
