Openness and disclosure may be the only remedy against operations like the “Shady RAT”

Posted by & filed under Hacks, Security News.

McAfee recently disclosed the result of five years of investigation of a threat actor that has compromised 72 targeted organizations. While the sheer number and time span of the attacks, not to mention the compromised parties’ identities (for instance, the United Nations was hacked) are enough to raise an eyebrow or two, two paragraphs in the article particularly caught my… Read more »

RSA hack a combination of social engineering and a 0-day

Posted by & filed under Security News.

Found an interesting article about the recent RSA hack; it seems that the threat agents in this case were both advanced and persistent. It smells like an intelligence operation to be honest, and it goes to show how hard it is to safeguard against an advanced enemy with the means and stamina to pull off advanced attacks…. Read more »

The rise and fall of HBGary Federal

Posted by & filed under Hacks, Security News.

Wired’s Threat Level blog has a very good article on how not to run a professional information security services firm. HBGary Federal, which was recently hacked by the loosely attached group of hacktivists called Anonymous (press release here), has, it seems, fallen ill to some unknown spy movie virus when trying to unmask the group… Read more »

Lobbying for Internet warfare

Posted by & filed under /dev/random, Security News.

Susan Crawford has some very interesting thoughts in a recent blog post about how certain agencies seem to be lobbying for increased funding to “cyber war capabilities” and increased Internet control by feeding the mainstream media with news. FTA: [...] the agencies that are most interested in forwarding cyberattack abilities, surveillance, guaranteed back doors for encrypted… Read more »