Creates Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘Creates’

School for Spies: UK Creates ‘University Degrees’ in Cyber Security

GCHQ, Britain’s intelligence agency for information assurance, will approve UK postgraduate courses in cyber security – effectively endorsing a Masters in spying, recent reports claim. This might come in useful for the agency’s own employees.

GCHQ, the UK government surveillance agency, is to give its stamp of approval to postgraduate courses in cyber security, essentially certified degrees for spies.

The 39-page document from GCHQ, seen by the Independent, says that the increasing number of courses in security-related subjects at institutions across the UK means that it is becoming more and more difficult to “assess the quality of the degrees on offer.”

In order to gain certification a master’s degree must offer a “general, broad foundation in cyber security” and must also include a detailed knowledge of threats to online activity including “common attacks”, “malicious code” and “adversarial thinking.”

The new GCHQ certificates will be valid for five years before having to be renewed, and it is hoped the new system will create more clarity in what’s on offer.

The Cheltenham-based surveillance agency has sent out a brief to all universities in the UK offering an MSc in cyber security to apply for certification before June 20.

Chris Ensor, the deputy director for the National Technical Authority for Information Assurance, which acts as the information-security arm of GCHQ, said that while they had sent some employees into schools to encourage pupils to be interested in maths, they could do more to recruit the right people.

“We’re a highly technical organization with a highly technical workforce, so we depend on the young talent coming through all the way from schools to apprenticeships and degrees,” he said.

The GCHQ certificates are part of the UK government’s broader cyber-security strategy, which aims “for the UK in 2015 to derive huge economic and social value from a vibrant, resilient and secure cyberspace.”

View full post on Who Got Hacked – Latest Hacking News and Security Updates

eAgency Mobile Security creates “Kid Safe” campaign for school safety

Ashley Bennett | Top Priority Sector: cyber_security

eAgency Mobile Security has partnered with law enforcement to create a national “Kid Safe” campaign designed to target cyber bullying and harassment, sexting, and sextortion in K-12 public schools.

View full post on The Cyber Wars

Credence ID creates new tri-biometric mobile enrollment and verification device

Top Priority Sector: access_control_identification

Credence ID, a San Francisco-based company that creates biometric devices, has created an Android-based handheld tri-biometric device called the Trident.

View full post on The Cyber Wars

Obama creates new homeland security partnership council, to be led by John Brennan

Jacob Goodwin | Top Priority Sector: federal_agencies_legislative | Image Caption: John Brennan to lead new Partnership Council

In an effort to foster closer relationships between the field offices of various U.S. Government departments and the state and local governments in those geographic areas across the country, President Obama signed an executive order on Oct. 26 which establishes a […]

View full post on The Cyber Wars

Federal energy regulator creates Cyber/EMP security office

Mark Rockwell | Top Priority Sector: infrastructure_protection

In the face of mounting electronic assaults on critical U.S. infrastructure targets, the Federal Energy Regulatory Commission (FERC) unveiled a new office on Sept. 20 it hopes will help combat potential Cyber and physical attacks on the U.S. electric grid.

View full post on The Cyber Wars

National Security Agency creates security design based on Android

America’s intelligence agency, the National Security Agency (NSA), today disclosed how it’s going to handle mobile security.

The NSA has come up with a security design that currently depends on Google Android smartphones, though the NSA contends it doesn’t want to be wedded to any particular smartphone operating system. But its current “Fishbowl” phones, as they are called, are beefed-up highly secured Motorola Android smartphones that use double-encryption for voice traffic and a unique routing scheme for 3G network traffic back to the NSA first for security purposes. This design makes them suitable for classified information sharing with other like smartphones, according to Margaret Salter, technical director at NSA’s information assurance directorate, who spoke about the so-called “Fishbowl” project, which today focuses on voice use of smartphones, at a session here today at the RSA Conference.

“We wanted to use the commercial standards that are out there,” said Margaret Salter, technical director in NSA’s information assurance directorate. “We wanted plug and play — but that was hard.” The NSA also wants interoperability in order not to be trapped in vendor lock-in, but this is turning out to be hard to achieve.

The NSA looked at SSL VPN as a standard and left no stone unturned in exploring commercial SSL VPN for mobile, but found an utter lack of interoperability across vendor products. Salter said NSA also was frustrated with the lack of interoperability in Unified Communications Systems (UCS) products, noting that buying one piece often meant buying several others, there being little evidence of multi-vendor interoperability. So with some frustration, NSA changed to go with an open-source Session Initiation Protocol (SIP) server for the present.

IPSec VPN rather than SSL VPN

NSA also switched its mobile security strategy toward IPSec VPN, where things looked better in terms of interoperability than SSL VPN, and selected the Secure Real-Time Transport Protocol for Voice App and Transport Layer Security (TLS) with keys. This all means “the voice call is doubly encrypted,” Salter said. “There’s VoIP encryption and IPsec encryption.”

The NSA is relying on an alphabet soup of standards for its Fishbowl smartphones: Suite B IPSec, IKE v.2, Elliptic Curve Diffie-Hellman, Elliptic Curve DSA, the SHA2 hash, all well-known in security circles. The NSA contracted to build some elements of its Fishbowl smartphone prototypes on Motorola Android since what it wants isn’t commercially available. But NSA wants it to be, and to that end is releasing the basic architecture with the hope the high-tech industry will get on board in software design. The NSA also has included a so-called “police app” to make sure everything is in place on the smartphone as it should be, said Salter. She noted a number of the NSA employees in the room were now carrying their Fishbowl phones with them, which she said showed surprisingly little voice delay, even with double encryption processes.

In publishing all its Fishbowl standards on the NSA website, “our hope is someone will show this to the vendors and say ‘I want that,’” said Salter.

The NSA plans to propose its mobile security design as an internationally-oriented Common Criteria standard, with the idea that products would start to make it through the NIAP labs. The Defense Information Systems Agency (DISA), which is responsible for large-scale practical networking deployments for the military, “is looking at copying this on a large scale,” said Salter. She added: “We’ll be standing up an enterprise app market,” noting that today there are a large number of people already writing apps for military purposes.

The mobile operating system question

Although NSA doesn’t want to be wedded to one mobile operating system platform, its investigations into suitable choices have so far led it to Google Android mainly because with it you can change the underlying OS, and with Apple iOS for example, you can’t, Salter noted. One change was made so digital certificates would be stored in a way NSA thinks is better.

“It’s not our intention to only use Android,” she adds. NSA has some misgivings about Android at any rate because the intelligence agency discovered that the phone manufacturers of Android smartphones are themselves changing the Android OS so much, that “Android is not Android. It’s whatever the maker of the phone decides to put in.” Salter said the NSA would be glad to see that aspect of Android somehow recede.

The NSA naturally already has various secure telephone systems, among them the older STU-III encryption phones. To get them all to work together, there will need to be some gateway systems, said Salter, and that’s one reason that mobile telephony traffic is being routed from an undisclosed carrier back to NSA, which is based in Ft. Meade, Md., so this interoperability can be achieved as well as various security and authentication checks.


View full post on National Cyber Security » Computer Hacking

AlienVault creates centralised threat detection system

Open-source security information and event management (SIEM) vendor AlienVault has launched a new system for sharing threat intelligence among users of its OSSIM platform.

SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. While the technology is used widely, OSSIM claims to have the largest number of users (more than 18,000) and to be the only open source-based SIEM platform.

Previously, OSSIM threat intelligence could only be shared within individual organisations. However, AlienVault’s new Open Threat Exchange (AV-OTX) system allows intelligence to be shared among all its customers that opt to use the service, meaning that the threat data is far more comprehensive.

“Many of our large customers were coming to us and saying they needed a way to know what was going on in the wider community,” said Richard Kirk, Head of Europe for AlienVault. “They could see what was happening in their own network but they knew that they were only a small piece of the global community.”

AlienVault customers can opt to use the new service by downloading the latest version of OSSIM for free. The new version of OSSIM uploads a set of data from the local system to AlienVault’s secure cloud on an hourly basis. Some of the data will be automatically cleansed and validated, and the rest is reviewed by a group of scientists in AlienVault’s Research Lab, to ensure that only the most accurate and actionable intelligence is published.

That intelligence data is then distributed to all of the OSSIM users that have opted to use the service, allowing them to react quickly or take preventative measures against future threats.

AlienVault is not the only security firm to offer a central threat detection system. Symantec, McAfee and Trend Micro also collect intelligence data from their customers in order to detect threats early and respond quickly. However, Kirk claims that these companies are only looking at one small slice of what’s going on.

“In the case of McAfee, for example, all they’re looking at is anti-virus information,” said Kirk. “It’s very sophisticated what they do, because they collect and process anti-virus information from all of the clients that they have, but at the end of the day it’s only anti-virus. They’re not looking at intrusion detection, they’re not looking at firewall information, they’re not looking at proxy servers, web servers, all those things. Only an SIEM platform can do that.”

AlienVault expects the new system to be particularly attractive to telecoms companies that run networks on behalf of large banks or industrial companies, as it allows them to automate the monitoring and protection of all those systems across the board.

“Internet threats are global by nature and they need to be countered from an equally global perspective,” said Jose Luis Gilperez, director of product development and security innovation at Telefonica Digital, a customer of AlienVault.

“With the AlienVault Open Threat Exchange, an attack on any part of our network or on any member of the AV-OTX community alerts everyone in the community and helps us all respond to threats far more effectively.”


View full post on National Cyber Security » Computer Hacking

Fujitsu creates antivirus virus for Japanese government

Fujitsu has developed code for the Japanese government that will destroy malware and collect information on its creators.

The government decided to investigate the possibilities of such code in 2005, and three years later the Defense Ministry’s Technical Research and Development Institute awarded Fujitsu a ¥178.5m ($2.3m) contract to develop it. The software has now been completed and is undergoing testing in a closed network environment, the Yomiuri Shimbun reports.

The code is designed to identify malware, chiefly that which is used to set up a botnet, and can both eliminate it on the host PC and also identify which computer the malware came from, then attempt to erase the code at source. The software has also shown more limited utility at identifying key loggers and other code designed to steal data.

Sources in the government told the paper that the code would be used to identify the origin of infections for domestic systems and not used overseas, since Japanese law makes it difficult to use such tools outside of national borders. However, the Defense Ministry and Foreign Ministry have begun legislative consideration regarding the matter.

The code itself shouldn’t be too hard to develop, since the malware industry already turns out software that checks for competing code on infected machines and deletes it. However, Graham Cluley, senior technology correspondent at Sophos, gave the idea a resounding thumbs-down.

“There have been a few attempts in the past to create ‘good’ viruses,” he writes. “The Cruncher virus, for instance, was designed to save disk space by compressing files, and Mark Ludwig’s KOH virus tried to win the title of a ‘good virus’ by encrypting hard drive data. And we’ve even seen malware that is designed to find child abuse images and report its discoveries to the authorities. But the simple truth is that none of them have needed to be viral to deliver their positive benefit.” ®


View full post on National Cyber Security » Virus/Malware/Worms

Hacker creates worst leak ever in Sweden

More than 90,0000 passwords for private email accounts in Sweden, including those of politicians, celebrities and editors, have been leaked by an anonymous hacker.

View full post on anonymous hacker — Yahoo! News Search Results

View full post on National Cyber Security


Conficker Worm Creates Army of Lurking Drone Computers

(c) 2011, Bloomberg News
As a narrative, Mark Bowden’s “Worm: The First Digital World War” leaves something to be desired. As a warning, it’s distinctly unnerving.
“Worm” (Atlantic Monthly Press, $25) is the story of Conficker, a nasty piece of software injected into the Internet’s bloodstream in 2008. Since then it has infected millions of computers worldwide, assembling the largest-ever “botnet.” This drone army of machines might, unknown to their owners, be ordered at any time to unleash digital havoc that could bring down global communications systems, power grids, perhaps the very Internet itself.
Where did Conficker come from, and who was or is behind it? No one knows, including Bowden, the author of “Black Hawk Down.” Perhaps it’s the Ukrainians, or the Chinese, or a “dark Symantec,” a commercial criminal enterprise established as the mirror image of the well-known Internet security firm. Whoever they were, though, they clearly knew what they were doing.
The worm combined the best-of-breed malevolence from previous malware exploits, chronicled here in sometimes mind-numbing detail, with unique advancements of its own. Once it infected a computer, it would repair the Microsoft Windows security breach it had exploited, preventing competitors from coming in behind it. It would also stealthily thwart any effort by the computer’s owner to install a cure. Then, like a terrorist sleeper cell, it would simply await instructions from its unknown master.
Combating this mortal threat was an ad hoc group of security experts calling itself the Cabal, in Bowden’s telling, a sort of Justice League of America of computer nerds desperately racing against time, official indifference and its own internal divisions to head off computergeddon.
They included representatives from Microsoft, think-tanks and the loosely organized bodies that pass for the Internet’s governing authorities, as well as assorted other industry consultants.
Conspicuously absent was any representative of the U.S. government, despite repeated efforts to engage it. The silence from official quarters proved baffling, until the truth dawned on the Cabal. “The real reason for the feds’ silence was . . . they had nothing to offer!” Bowden writes. “They were in way over their heads.”
With a deadline of April 1, 2009, when the botnet was programmed to become operational, the Cabal struggled to unpeel Conficker’s protective layers, figure out how it worked and head it off.
Every day, the worm would create and check in with long lists of randomly generated Internet domains, behind any one of which its master might lurk. Only as the date approached on which the zombie army would rouse to life did the populace at large become aware of its peril. The New York Times ran articles. “60 Minutes” did a segment. The world held its breath.
And then . . . nothing. The mighty beast shuddered, sent a little spam and then lapsed back into whatever digital muck spawned it.
Or did it? Bowden makes a case that the unknown botmaster’s goal wasn’t to unleash a single crippling attack but to create an infrastructure that can be exploited at will in the future.
“The Conficker botnet, this enormous concentration of computer power, had been assembled and was still in the hands of its mysterious creators,” he writes. The millions of infected machines “could be turned to any task the botmaster defined. They could be leased for plunder or marshaled for attack.”
The author does his best to maintain the story’s dramatic tension. But a combination of factors, such as the lengthy history of malware near the beginning of the book and the lack of knowledge on who perpetrated Conficker and why, all conspire to make “Worm” an oddly unsatisfying yarn.
So, too, does a series of annoying factual errors. Personal computers were widely available in 1984, contrary to the book’s assertion. Microsoft’s first product, for the pioneering Altair microcomputer, was a BASIC language interpreter, not an operating system. And so on.
As a cautionary tale, though, “Worm” is worth attention. Government officials up to and including President Obama have taken notice of Conficker and begun to address some of the issues it raised. But you’ll probably put “Worm” down with the thought that cyberspace is just as dangerous as the physical world we inhabit.

View full post on National Cyber Security » Virus/Malware/Worms
