blog trackingRealtime Web Statistics Targets | Gregory D. Evans | Worlds No. 1 Security Consultant - Part 4

Posts Tagged ‘targets’

LulzSec back on April 1, while Anonymous targets Imperva

LulzSec, six of whose members were arrested earlier this month, will resume hacker operations on April 1, while Anonymous declared independently security firm Imperva are one of their targets.

“It’s ridiculous to believe that by arresting the six prime members of LulzSec that you have stopped us,” said the electronically altered voice over in a video posted on YouTube. “You haven’t stopped us. You have merely disrupted the active faction.”

The video doesn’t specify who will be attacked other than that they will be from categories of organisations that it has attacked before: websites of governments, corporations and agencies. “As we speak our battle fleet and dormant members are planning some top operations and pranks that will go down in history,” the video voiceover continued.

LulzSec claimed a string of attacks during 50 days last spring before disbanding, and some of its members shifted over to the even more amorphous group Anonymous.

Meanwhile in a separate video Anonymous has declared security firm Imperva a target of its activities. “This is a message to the Imperva security firm. Although we do not see you as any form of threat we have determined that your interests and views may become a mild nuisance in the future therefore you yourself will become a target,” an electronically altered voice said.

What set Anonymous off was Imperva’s report about an attack Anonymous made to disrupt an unnamed event in 2011. Contributing to the decision to attack Imperva was apparently hurt feelings. “A video posted on YouTube states that Imperva perceives a large majority of the Anonymous collective as, in their words, “a legion of idiots”, according to the Anonymous video.

The video is a report by Jason Unruhe who actually reads a quote from Cole Stryker, who has written a book about Anonymous, that appeared in The New York Times on February 26. “Anonymous is a handful of geniuses surrounded by a legion of idiots,” said Cole Stryker, an author who has researched the movement,” the NYT story said. The story also identifies the target of the Anonymous attack that the Imperva report talks about as being aimed at the Vatican.

Article source:

View full post on National Cyber Security » Computer Hacking

LulzSec Is Back; Anonymous Targets Imperva

Hacker collective LulzSec, six of whose members were arrested earlier this month, will resume active operation April 1, according to a video posted on YouTube.

View full post on lulzsec hacker – Yahoo! News Search Results

View full post on National Cyber Security

WikiLeaks targets global risk company Stratfor (Reuters)

Reuters – The anti-secrecy group WikiLeaks began publishing on Monday more than 5 million emails from a U.S.-based global security analysis company that has been likened to a shadow CIA.

View full post on Yahoo! News: Security News

View full post on National Cyber Security

Anonymous targets Vic Toews over Internet surveillance bill, revives Vikileaks

The hacker group Anonymous is promising that Vic Toews "will be exposed for the hypocrite" he is

View full post on anonymous hacker – Yahoo! News Search Results

View full post on National Cyber Security

Hacker network Anonymous targets Pa. tear-gas maker

Computer hackers associated with the international network Anonymous claim to have shut down the website of a Mercer County company that has been supplying the tear gas used by Egyptian forces to quell protests in that country.

View full post on anonymous hacker – Yahoo! News Search Results

View full post on National Cyber Security

Anonymous Targets Alabama’s Computer Systems

Anonymous Targets Alabama’s Computer Systems, Blog, computer, systems, anonymous, targets, Alabama’s

View full post on Government Technology Security News

View full post on National Cyber Security

Anonymous Targets Alabama’s Computer Systems

Anonymous Targets Alabama’s Computer Systems, Blog, anonymous, targets

View full post on Government Technology Security News

View full post on National Cyber Security

Google’s New ‘Bouncer’ Targets Android Market Malware

Hard on the heels of the controversy that arose recently around Symantec and its claims that numerous apps on the Android Market were actually malware in disguise, Google on Thursday unveiled a new tool to help it identify malicious apps.

Symantec subsequently recanted its assertions, of course, but in the meantime there’s now a service called “Bouncer” that aims to keep the Android Market free of malware by quietly and automatically scanning it for questionable apps.

“Today we’re revealing a service we’ve developed, codenamed Bouncer, which provides automated scanning of Android Market for potentially malicious software without disrupting the user experience of Android Market or requiring developers to go through an application approval process,” wrote Hiroshi Lockheimer, vice president of engineering for Android, in a Thursday post on the Google Mobile Blog.

‘We Actually Run Every Application’

When an application is uploaded, Bouncer immediately starts analyzing it for known malware, spyware, and trojans, Lockheimer explained. The service also looks for suspicious behaviors and compares it against previously analyzed apps to detect possible red flags, he noted.

“We actually run every application on Google’s cloud infrastructure and simulate how it will run on an Android device to look for hidden, malicious behavior,” Lockheimer wrote.

New developer accounts are also analyzed so as to help prevent the return of developers who have submitted malicious software in the past, he added.

A 40 Percent Drop

Bouncer has actually already been at work in the Android Market for some time already, Lockheimer added, and it’s turned up some interesting results.

Though more than 11 billion apps were downloaded from the Android Market over the past year, the number of Android malware downloads is decreasing dramatically, he asserted.

Specifically, between the first and second halves of 2011, there was a 40 percent drop in the number of downloads of potentially malicious software from the Android Market, he wrote.

In fact, “this drop occurred at the same time that companies who market and sell anti-malware and security software have been reporting that malicious applications are on the rise,” Lockheimer pointed out.

No ‘Walled Garden’

Indeed, last fall saw several dire warnings of a “mobile malware crisis” looming on the horizon, so it’s good to hear some concrete data putting such claims in perspective.

At the same time, it’s also good to see Google adding to Linux-based Android’s arsenal of protections, which already include sandboxing, a rigorous permissions system, and the ability to remove malware easily, as Lockheimer notes.

No platform has perfect security, of course. Still, the addition of Bouncer adds one more level of protection while still avoiding the constraints of an Apple-style “walled garden.”

Article source:

View full post on National Cyber Security » Virus/Malware/Worms

Trojan gang targets BT, Talk Talk and Sky customers

Criminals using a dangerous variant of the Zeus bank Trojan have started hacking BT, Talk Talk and Sky phone accounts as a way of redirecting phone calls from bank fraud services away from victims.

As with other financial malware, the Ice IX Trojan is designed to steal bank logins, emptying accounts of much money as it can without setting off the bank’s fraud protection systems that normally pick up on odd or unusually large transactions.

Security company Trusteer has discovered that criminals controlling Ice IX are now throwing up a browser screen as part of the web injection hijacking process that tries to engineer users into give up phone service logins too.

Armed with this data – plus keylogged passwords for the same service – criminals then try to set calls to forward to a number controlled by them.  Banks that phone users to query transactions would then be told by imposters that transfers were genuine.

Screens have been discovered for three of the UK’s largest phone providers, BT, Talk Talk and Sky, but it is likely that almost any provider could be targeted.

”Faudsters are increasingly turning to these post-transaction attack methods to hide fraudulent activity from the victim and block email and phone communication from the bank,” said Trusteer CTO, Amit Klein.

“This allows attackers to circumvent security mechanisms that look for anomalies once transactions have already been executed by the user.”

Ice IX is one of a number of versions built using the source code from the most prodigious banking malware ever to appear, Zeus. Over time, attacks crafted using this family of malware have become increasingly targeted, with the phone service ruse another example of that phenomenon.

Malware gangs are wary of post-transaction verification and will typically test the system to work out the fraud threshold for different institutions and customers.

In one recent example, a New Jersey County lost $19,000 from a business account that had been compromised by Zeus, despite the fact that it contained $13 million in funds. The best explanation for this criminal modesty is that the gang attacking the account wanted to keep its theft as discrete as possible in the short term to avoid detection.

Article source:

View full post on National Cyber Security » Computer Hacking

Hacker group Anonymous targets Mexican sites

The activist hacker group Anonymous attacked three Mexican government websites on Friday in protest at a proposed bill that seeks to toughen local laws about online file-sharing.

The affected sites belong to the Interior Ministry, the Senate and the Chamber of Deputies. The homepage of the Interior Ministry remained offline by mid-afternoon.

“We demand the Mexican government not continue with this law because they will take away our freedom of speech and file sharing,” Anonymous said in a video posted on Youtube ahead of Friday’s action.

The proposed law, floated last month by a senator from the ruling National Action Party, Federico Doring, would criminalize the uploading of music, videos or books to the Internet without the permission of copyright holders.

Anonymous members and their supporters took to Twitter to coordinate the attacks under the hashtag “#OpDoring” with messages including “Senate TANGO DOWN !! FIREEE don’t hesitate to shoot” and “Change of target deputies … FIRE.”

Interior Minister Alejandro Poire confirmed his ministry’s website had been hit by a denial-of-service attack. He said the government was working to prevent such strikes, and that it would investigate and prosecute any crimes committed.

“We will certainly verify the security protocols of the ministry’s website to ensure the integrity of its information and prevent future attacks,” he said.

Anonymous, a loosely knit group that has attacked financial and government websites around the world, compared Doring’s proposal with anti-piracy bills in the United States that were halted after a huge online protest this month.

The hacker group had clashed with Mexican officials before. Anonymous claimed responsibility in September after the websites of several Mexican government ministries, including Defense and Public Security, went offline.

Copyright 2012 Thomson Reuters. Click for restrictions.

Article source:

View full post on National Cyber Security » Computer Hacking

Page 4 of 9« First...«23456»...Last »

My Twitter

Gregory D. Evans On Facebook