DaemonForums  

#1   15th January 2013   J65nko (Administrator)
Operation Red October - large-scale cyber-espionage uncovered

From http://h-online.com/-1784465

Quote:
Security experts at Kaspersky Lab have apparently uncovered a massive case of cyber-espionage. An analysis published on Monday states that computer networks in diplomatic missions, government and trade organisations, energy companies, and research, aerospace and military institutions have been infiltrated for an estimated five years. A sophisticated infrastructure appears to have enabled the unknown hackers to make off with terabytes of highly confidential geopolitical information and other data.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

#2   16th January 2013   silex (Port Guard)

Just asking? Don't you believe this was a media trick to hide the Java and its browser plugin nightmare? The timing is a bit weird...

#3   16th January 2013   Ninguem (Shell Scout)

My bitch with most of these anti-virus|malware companies is that they have little understanding of systems outside of the commonly used ones. With that much ignorance, or stupidity since they wish to remain uninformed, I wouldn't put much value on their word.

#4   19th January 2013   J65nko (Administrator)
Red October espionage platform unplugged hours after its discovery

For an update see http://arstechnica.com/security/2013...its-discovery/

#5   23rd January 2013   phyro (Port Guard)

Quote:
Just asking? Don't you believe this was a media trick to hide the Java and its browser plugin nightmare? The timing is a bit weird...
The timing is not really odd, other than they were able to monitor the malware for long enough to figure out what it does and who it was affecting.

Chances are, if we're only hearing about it now, DoD or DoHS or a similar agency has been aware of it and tracking it for some amount of time. Judging by the white paper released, someone spent a great deal of time figuring out how it works and what exactly it's doing.

There are more troubling issues than this, tho, as it confirms that people/groups are going to great lengths to develop (AI) and/or target specific malware.

In Red October's case each target was specifically keyed; not only did it target a person, but the malware was capable of key logging, screen shots, transferring data and mapping entire networks.

The Java part was just "part" of the problem, just as some .dll files that were exploited to perform crypto on specific files/md5 hash tags and specific .pdf documents.

My question is: will networking tools and IDS ever be s.m.r.t enough to be able to detect complex malware such as this?

After all, in 5 years.. EVERYTHING failed to catch it except a really bored human that was probably monitoring traffic manually. So the real question is ... "what else are we missing". It's a good bet some little retard is sitting in his hole somewhere laughing like some demented mad professor.

Notice the silence of the "virus" giants in this matter? Kudos to Kaspersky!

Securelist has a complete breakdown of all 5 aspects of this wicked piece of malware

http://www.securelist.com/en/analysi...tage_of_Attack

Last edited by phyro; 23rd January 2013 at 06:28 PM.