HP Security Research OSINT (Open Source Intelligence) articles of interest--April 4, 2014

 

United States’ Malware Infection Rate More than Doubles in the First Half of 2013
New data in the Microsoft Security Intelligence Report volume 15 indicates that the malware infection rate of the United States increased precipitously between the fourth quarter of 2012 and the first quarter of 2013.

 

Red Cloud Rising: Cloud Computing in China
As part of a larger development strategy for advancing Chinese software and information technology services, the Chinese government plans to make more than one billion dollars (USD) available over the next few years to drive cloud computing development.

 

A “Kill Chain” Analysis of the 2013 Target Data Breach
In November and December 2013, cyber thieves executed a successful cyberattack against Target, one of the largest retail companies in the United States. The attackers surreptitiously gained access to Target’s computer network, stole the financial and personal information of as many as 110 million Target customers, and then removed this sensitive information from Target’s network to a server in Eastern Europe.

 

Analyzing the Target Breach “Kill Chain Analysis” Report
Chairman Rockefeller of the Committee on Commerce, Science and Transportation, commissioned this report to better help Senators, and laymen, better understand what exactly happened at Target—and how the attack could have possibly been thwarted against the backdrop of the Kill Chain. I’ve read and re-read this document a few times and here are my notes.

 

Cyberspace as a Weapon System
It is undeniable that all who operate in cyberspace must face the reality that every connection of a device to the Internet places networks and users at risk. Once viewed as a commons meant to share information and research across vast distances with ease, cyberspace is now a warfighting domain where longtime enablers (e.g., networks, computer systems, radios) also serve as weapons platforms capable of being used by any and all with the capability and intent.

 

Cyber criminals are out-spending the defenders two to one: HP
It’s US$104 billion versus US$48 billion, claims HP Enterprise Services—but whether those annual figures are true or not, the bad guys are definitely getting better organized.

 

The Classification of Valuable Data in an Assumption of Breach Paradigm
When a company or a government acknowledges that they cannot keep a dedicated adversary out of their network, then the applicable security strategy changes from perimeter-based to an assumption of breach; a new security paradigm that was raised by Debora Plunkett (head of NSA’s Information Assurance Directorate) on 16 December 2010: “We have to build our systems on the assumption that adversaries will get in.”

 

U.S. states probing security breach at Experian unit
A number of U.S. states are jointly investigating a data breach involving a subsidiary of Experian Plc that exposed the social security numbers of some 200 million people to potential criminal activity.

 

Why a hacked Twitter account is worth more than a stolen credit card
Twitter is becoming the channel of choice for hackers, according to a new report that suggests stolen account information can fetch more money than credit cards on the cybercrime black market.

 

Android Botnet Targets Middle East Banks
I recently encountered a botnet targeting Android smartphone users who bank at financial institutions in the Middle East. The crude yet remarkably effective mobile bot that powers this whole operation comes disguised as one of several online banking apps, has infected more than 2,700 phones, and has intercepted at least 28,000 text messages.

 

Free tool calculates the damage of a cyber attack
The Economist Intelligence Unit has launched an online tool that is designed to tally the bill from cyberattacks. Incidents of cybercrime are reported in the media almost every day, yet reliable estimates of their financial impact on companies are few and far between. CyberTab, sponsored by Booz Allen Hamilton, is designed to address this gap.

 

Creating an intelligent “sandbox” for coordinated malware eradication
For some time now, anti-malware companies have been applying machine learning and big data analysis to generate more malware detections faster. Machine learning is all about training a machine to find patterns of signals in large streams of labeled information, then using those patterns against future data, all the while using feedback to continuously improve its accuracy.

 

The Importance of Command and Control Analysis for Incident Response
Understanding command and control (a.k.a. C2, CnC or C&C) is critical to effectively detect, analyze, and remediate malware incidents. The phrase “command and control,” which has its origins in military terminology, refers to the approach an attacker uses to take command of and exercise control over a compromised system.

 

Hackers target journalists: Reporters caught spying on other reporters
You may wish to check out the March 28, 2014 C-net article by Don Reisinger, “Watch out, journalists: Hackers are after you.” According to that article, on March 21, 2014, at the Black Hat hackers conference in Singapore, speakers such as Google security engineers Shane Huntley and Morgan Marquis-Boire reported that 21 of the top 25 news organizations in the world have been targeted by hackers.

 

New Retail Breach: ‘Low-and-Slow’ Attack
Houston-based liquor store chain, Spec’s, says its network was attacked by malware back in October 2012, and the intrusion, which exposed card data and other information, may have continued until as late as March 20, 2014. The attack wasn’t revealed until last week at the request of law enforcement officials, the company says.

 

Two men plead guilty to role in worldwide hacking operation
Two men pleaded guilty in a New Jersey federal court to crimes linking them to an international hacking operation, which attempted to steal at least $15 million from U.S. bank customers. On Monday, Robert Dubuc, 40, of Malden, Mass., and Oleg Pidtergerya, 49, of Brooklyn, N.Y., admitted their involvement, the U.S. Department of Justice (DOJ) announced.

 

Wells Fargo Sets up War Room to Monitor Social Media Sites
To understand why Wells Fargo has set up a command center to better monitor social media sites, consider this: last year, the bank was mentioned more than one million times on social media sites—and not all those comments were flattering.

 

The Anatomy of a Forgotten Social Network
The study of social networks has gripped computer scientists in recent years. In particular, researchers have focused on a few of the biggest networks that have made their data available, such as some mobile phone networks, Wikipedia and Twitter. But in the rush, one network has been more or less ignored by researchers: Tumblr, a microblogging platform similar to Twitter. So an interesting question is how the network associated with Tumblr is different from the Twitter network…

 

Developing Your Cyber Intelligence Analyst Skills
In this edition, we will cover more in depth what it means to be a cyber-intelligence analyst in terms of understanding intelligence products, skills to develop, and an introduction to the sub-disciplines of cyber intelligence.

 

Ransomware: a Q&A
Who creates them? What is their goal? How successful are they, and what is their recipe for success?

 

NTT Global Threat Intelligence Report
Signup Required
There’s no escaping the facts that security threats continue to evolve, gaps in basic controls continue to be exploited and attackers continue to evolve. And 2013 was no exception, as highlighted in the 2014 Global Threat Intelligence Report (GTIR).


NSFocus released their DDoS Threat Report 2013
DDoS attacks—These short and frequently repeating attacks often serve two purposes: First, to scout their victims’ defense capabilities before more tailored assaults are launched, and second, to act as smokescreens or decoys for other exploitation.

 
