HP Security Research OSINT (OpenSource Intelligence) articles of interest--May 30, 2014

Key Articles of Interest

US cybercrime laws being used to target security researchers
Some of the world’s best-known security researchers claim to have been threatened with indictment over their efforts to find vulnerabilities in internet infrastructure, amid fears American computer hacking laws are perversely making the web less safe to surf.

The anatomy of Russian information warfare
The Crimean operation has served as an occasion for Russia to demonstrate to the entire world the capabilities and the potential of information warfare. Its goal is to use difficult-to-detect methods to subordinate the elites and societies in other countries by making use of various kinds of secret and overt channels (secret services, diplomacy and the media), psychological impact, and ideological and political sabotage. Russian politicians and journalists have argued that information battles are necessary for “the Russian/Eurasian civilisation” to counteract “informational aggression from the Atlantic civilization led by the USA.”

Scrape FAST, Find’em Cards EASY!
While researching POS RAM scraper malware, I came across an interesting sample: a RAR archive that contained a development version of a POS RAM Scraper malware and a cracked copy of Ground Labs’ Card Recon software. Card Recon is a commercial Data Leakage Prevention (DLP) product used by merchants for PCI compliance.

Meet the Man Hired to Make Sure the Snowden Docs Aren’t Hacked
In early January, Micah Lee worried journalist Glenn Greenwald’s computer would get hacked, perhaps by the NSA, perhaps by foreign spies. Greenwald was a target, and he was vulnerable. He was among the first to receive tens of thousands of top secret NSA documents from former contractor Edward Snowden, a scoop that eventually helped win the most recent Pulitzer prize.

Inside the FBI’s Fight Against Chinese Cyber Espionage
SolarWorld was fighting a losing battle. The United States subsidiary of the German solar panel manufacturer knew that its Chinese competitors, backed by generous government subsidies, were flooding the American market with steeply discounted solar panels and equipment, making it practically impossible for U.S. firms to compete. What SolarWorld didn’t know, however, was that at the same time it was pleading its case with U.S. trade officials, Chinese military hackers were breaking into the company’s computers and stealing private information that would give Chinese solar firms an even bigger unfair advantage, including the company’s pricing and marketing strategies.

Detecting Keyloggers on Dynamic Analysis Systems
One notorious functionality present in many variants of today’s advanced malware is the ability to steal sensitive user information. Taking control of a targeted machine, an adversary has basically unlimited abilities to secretly monitor the actions performed by an unsuspecting victim who uses the infected machine.

The Utilization and Management of SOCKPUPPETS within Online Communities
The Internet is the principal arena for online communication. Within the online community, individuals can choose who they are. If a member chooses an online identity that is something other than who they are in real life, then the identity created is a sockpuppet. The purpose of this research was to examine the utilization and management of sockpuppets within online communities. What are the ethical and legal boundaries in the use of sockpuppets within civilian online communities?

When HTTPS Meets CDN: A Case of Authentication in Delegated Service
Content Delivery Network (CDN) and Hypertext Transfer Protocol Secure (HTTPS) are two popular but independent web technologies, each of which has been well studied individually and independently. This paper provides a systematic study on how these two work together. We examined 20 popular CDN providers and 10,721 of their customer web sites using HTTPS.

Back to Basics: Beyond Network Hygiene
In the past, Computer Network Defense (CND) intended to be minimally intrusive to the other requirements of IT development, business, and operations. This paper outlines how different security paradigms have failed to become effective defense approaches, and what the root cause of the current situation is.

The Willy Report: Proof of massive fraudulent trading activity at Mt. Gox, and how it has affected t...
Somewhere in December 2013, a number of traders including myself began noticing suspicious bot behavior on Mt. Gox. Basically, a random number between 10 and 20 bitcoin would be bought every 5–10 minutes, non-stop, for at least a month on end until the end of January. The bot was dubbed “Willy” at some point, which is the name I’ll continue to use here.

 

 

Thanks for reading. If you missed last week's articles, you can find them here. Stay tuned for next week's OSINT articles of interest! 
