Education


APT-For-Hire: Symantec Outs Hidden Lynx Hacking Crew

This site and others have been writing about the “Advanced Persistent Threat” problem, which has generally been treated as a euphemism for the government and military of The People’s Republic of China or – in some cases – Russia, Iran, North Korea or other un-friendlies. Firms like Mandiant have taken pains to separate the concept of APT from run-of-the-mill cyber criminal hacking groups whose motivation is profit, rather than the acquisition of information that can be used to advance geopolitical or economic goals. Cyber criminal groups may well be “advanced” in their attack methods and “persistent” in their efforts to compromise victim networks, but they weren’t “APT.” Now Symantec Corp. has put a fly into that ointment: publishing a report that pulls the covers off an APT group dubbed “Hidden Lynx” that it claims is responsible for some of the most sophisticated and large scale hacks of […]

Report: Crematoriums To Caterpillars Shodan Reveals Internet Of Things

What kind of stuff is lurking out there on the vast (and growing) Internet of Things? A recent story in Forbes makes the point that it’s a lot more varied than you might think – everything from Caterpillar trucks to public school classrooms to a crematorium. And “yes,” I said “crematorium.” The idea that surveillance cameras can be accessed from the public Internet isn’t really new. Security researchers have been showing off ways to sidestep security features for IP-enabled surveillance cameras for years. We wrote last week about the Federal Trade Commission’s case against a California company, TRENDNet, which made a line of balky, insecure home surveillance gear. But Kashmir Hill makes the point in her story that surveillance cameras are just the tip of the iceberg. Hill interviewed security researchers and professional Shodan jockeys, who use that hardware-focused search engine to uncover supposedly secure equipment and industrial control […]

Report Exposes Links Between Chinese Govt., Hacking Group

If you read one story today (besides this one, of course!) it should be The New York Times’ write-up of a just-released, 60-page report (PDF) on a Chinese hacking group known as APT1 by the security firm Mandiant. At one level, the report doesn’t tell us anything we didn’t already know: APT1 is a professional hacking crew that operates from within China and with the full knowledge and support of the Chinese Government. Most of us already suspected that. The report is worth reading for the depths of Mandiant’s research into APT1 and the revelations of just how close the ties are to the Chinese government and, particularly, the People’s Liberation Army (PLA). Specifically: Mandiant is able to parse the findings of around 150 intrusions it has analyzed that are attributable to APT1 – which is probably some small fraction of all the attacks the group has carried out. […]

Update: Student’s Expulsion Exposes Computer Science Culture Gap

Editor’s Note: Updated to include comment from Dawson CS Professor Simonelis. – PFR 1/22/2013 The expulsion of a 20-year-old computer science major at Dawson College in Quebec, Canada has laid bare what one expert says is a culture gap between academic computer science departments and the ‘real world’ of application development. In the wake of news stories that have drawn attention to the case, Dawson’s faculty and administration have stood by their decision, saying that “hacking” of the type Ahmed Al-Khabaz was engaged in was an example of “unprofessional conduct” by a computer sciences engineer. This, even as private sector firms – including the company whose software Al-Khabaz exposed – have come forward with job offers and scholarships. Al-Khabaz was expelled in November by a school administration that looked askance at his security audits of a student portal web site dubbed “Omnivox,” accusing him of launching “SQL injection” attacks […]

Update: Canadian Colleges Go Dark Following Expulsion of Whitehat

Editor’s Note: Updated to clarify that the sites were unreachable outside Canada, but accessible from IP addresses within that country and to add comment from Skytech on the Internet filtering. – PFR (1/22/2013) The web sites of a number of Canadian General and Vocational Colleges were unreachable from IP addresses outside Canada on Tuesday, after news spread that Dawson College, in Montreal, expelled a student who uncovered and reported security holes in a web-based student portal used at the school. The web site for Dawson College, dawsoncollege.qc.ca, returned a 403 “Access Denied” message on Monday evening and Tuesday morning, along with the web sites for John Abbott College, the Collège de Maisonneuve and Cégep de Trois-Rivières. The schools all use the Omnivox software by local firm Skytech Communications to manage their student portals. The web site for Skytech Communications could not be reached either early Tuesday and returned the same 403 error. Calls […]