U.S. weighs retaliation to alleged Chinese cyberattacks
Following a string of cyberattacks allegedly coming from China, the U.S. government is debating what form the response should take.
by Charlie Osborne February 1, 2013 6:02 AM PST
U.S. weighs retaliation to alleged Chinese cyberattacks | Security & Privacy – CNET News.
Andy Greenberg, Forbes Staff
Covering the worlds of data security, privacy and hacker culture.
Symantec Gets A Black Eye In Chinese Hack Of The New York Times – Forbes.
Higgs Boson May Be An Imposter, Say Particle Physicists – Technology Review.
At least two other particles could be masquerading as the God particle, according to a new analysis of the data from CERN
Love this quote
“Propose to a man any principle, or an instrument, however admirable, and you will observe the whole effort is directed to find a difficulty, a defect, or an impossibility in it. If you speak to him of a machine for peeling a potato, he will pronounce it impossible: If you peel a potato with it before his eyes, he will declare it useless, because it will not slice a pineapple.” - Charles Babbage
IT security threats are constantly evolving. It’s time for IT security pros to get ingenious
By Roger A. Grimes
July 9, 2012 06:17 AM ET
The buzzword now is “Active Defense” (AD). I’ll give you that AD sounds better than “Black Ops” but a rose by another name is still a rose. Corporate Black Ops have been in existence since the beginning of hacking. Initially, it might have been a grey-hat admin shooting across the bow of an attacker letting them know that the targeted network is protected by someone who knows what is going on. Often, these black op activities were performed without the knowledge of corporate management.
However, with the rise in hacktivism and APTs, Corporate Black-ops is being given more consideration by company management. Take, for example, George Kurtz’s new company Crowdstrike. Their motto: “You don’t have a malware problem, you have an adversary problem.”
In his blog post announcing Crowdstrike back in Feb, George lays out the case for utilizing the services of a company like Crowdstrike. Specifically, the “missing link: Attribution & Raising the Costs to the Adversary”.
From his blog:
“By identifying the adversary and revealing their unique TTPs (i.e. modus operandi), we can hit them where it counts – at the human-dependent and not easily scalable parts of their operations.”
So my question is: are we ready to take Corporate Black-ops out of the dark?
It’s time to start running Anti-virus on any system/OS that allows users to browse the Interwebs. Yes, ANY OS (don’t look at me like that, Linux, you too).
Yes, I know that AV only knows what it knows but it is still better than nothing.
New MacOS X backdoor variant used in APT attacks - Securelist – Costin Raiu Blog
For a successful technology, reality must take precedence over public relations, for Nature cannot be fooled. – Richard Feynman
FTC Files Lawsuit Over Data Breaches At Large Hotel Operator
Super Physics Smackdown: Relativity v Quantum Mechanics…In Space
The only way to study the conflict between relativity and quantum mechanics is to test them over enormous distances in space. And physicists are already making plans
The team at malware-lu is doing a great job embarrassing the creator of the herpesnet botnet. What idiot infects his personal machine with his own botnet? Though, for some reason, I do see a lesson here for the DEVOPS and security automation crowd. Information and control can flow in both directions.
en_analyse_herpnet – malware-lu – Malware.lu technical analysis – Google Project Hosting.
Indiana University’s chief network architect explains how he uses OpenFlow to secure, load balance, and begin to exert some sort of unified control over a 120,000-person user network.
By Sean Michael Kerner | May 14, 2012
OpenFlow can Provide Security, Too.