HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 6, 2014

Key Articles of Interest

 

Peek Inside a Professional Carding Shop
Over the past year, I’ve spent a great deal of time trolling a variety of underground stores that sell “dumps”--street slang for stolen credit card data that buyers can use to counterfeit new cards and go shopping in big-box stores for high-dollar merchandise that can be resold quickly for cash.

 

DOD: ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People’s Republic of...
THE PEOPLE’S REPUBLIC OF CHINA (PRC) continues to pursue a long-term, comprehensive military modernization program designed to improve the capacity of its armed forces to fight and win short-duration, high-intensity regional contingencies.

 

Sold Down the River
A world-wide scan of the Intelligent Platform Management Interface (IPMI) protocol identified over 230,000 Baseboard Management Controllers (BMCs) exposed to the internet, of which upwards of 90% could be compromised by just a handful of basic configuration and protocol weaknesses.

 

Inside an attack by the Syrian Electronic Army
The Syrian Electronic Army (SEA) has become a bit of a name brand as far as low-level hacking groups are concerned. Their methods are simple, but effective. They spend most of their energy on propaganda and self-promotion, but lately they’ve taken to targeting media organizations (or the people associated with them), and IDG Enterprise is no exception.

 

Syrian Electronic Army responds to attack article
Earlier this week, Salted Hash published a first-hand account of an attack by the Syrian Electronic Army (SEA) against IDG Enterprise. Later that same day, one of the group’s members responded. The first response from the SEA was a message that included an IDG staffer’s email address and password. This information was presented for shock value, as a way to prove that the SEA were in fact successful in their Phishing attack against IDG.

 

Cyberspace 2025 Today’s Decisions, Tomorrow’s Terrain
What will cyberspace look like 25 years into the new millennium? By 2025, more than 91 percent of people in developed countries and nearly 69 percent of those in emerging economies will be using the Internet. Internet dependence will not just be a concept, but rather the new reality.

 

Avoiding a War on Unauthorized Computation: Why Exploit Regulation is the Biggest Danger to Coder Fr...
In recent cyber-security discussions, several parties compared exploits with weapons (e.g., referred to development and sale of exploits as “arms dealing”) and called for legal intervention and regulation in the name of protecting user security and privacy.

 

An Analysis of PlugX Using Process Dumps from High-Resolution Malware Analysis
Targeted attacks and so-called APTs (advanced persistent threats) come in many forms and colors. Very often, in-house malware analysis teams want to go beyond the detection information offered by traditional analysis systems (which often only says if a program looks malicious or not).

 

This Is What Happens When You Hack and Extort the ‘Bitcoin Jesus’
When the man known as “The Bitcoin Jesus” got hacked, he didn’t go straight to the police. He just tapped the power of bitcoin.

 

Thank you for reading. If you missed last-week's articles, you can read them here

Labels: HP| security
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.