Reports

APT-For-Hire: Symantec Outs Hidden Lynx Hacking Crew

This site and others have been writing about the “Advanced Persistent Threat” problem, which has generally been treated as a euphemism for the government and military of The People’s Republic of China or – in some cases – Russia, Iran, North Korea or other un-friendlies. Firms like Mandiant have taken pains to separate the concept of APT from run of the mill cyber criminal hacking groups whose motivation is profit, rather than the acquisition of information that can be used to advance geopolitical or economic goals. Cyber criminal groups may well use “advanced” in their attack methods and “persistent” in their efforts to compromise victim networks, but they weren’t “APT.” Now Symantec Corp. has put a fly into that ointment: publishing a report that pulls the covers off an APT group dubbed “Hidden Lynx” that it claims is responsible for some of the most sophisticated and large scale hacks of […]

Continue Reading

World-is-Flat Author Weighs In On Internet Of Things

Those of you who don’t religiously read the Op-ed page of The New York Times, but who are interested in the Internet of Things, probably want to surf on over to the Times’s web site to check out Thomas Friedman’s opinion piece “When Complexity Is Free” from the Sunday Times. There are a couple of points, here. Friedman is one of the most astute observers of the geopolitical zeitgeist. His 2005 book The World Is Flat talked about the confluence of technologic innovation, the Internet and economic globalization. It is one of the most widely read works of “business writing” of the last century and helped explain, for the public and policymakers, the tectonic changes taking place in emerging and mature economies worldwide. Friedman’s stature as a trend-spotter (see #1) means that, when he says something is important (as he did with IoT this week) important folks take notice. In the […]

Continue Reading

What Is The NSA’s Big Crypto Breakthrough?

The revelations about US government spying keep coming fast and furious, thanks to Edward Snowden, the former Booz Allen Hamilton contractor who absconded with reams of classified (and highly classified) documents from the National Security Agency. The latest details come courtesy of The Washington Post which on Thursday published documents detailing the so-called “Black Budget” – government spending on its intelligence services including the CIA and NSA – over the last nine years, including the $52 billion spent in 2013. The documents give the most detailed accounting to date on U.S. government spending on intelligence in the post September 11 world and contain quite a few surprises. Among them: proof that the CIA receives far more money than does the NSA. But it is Uncle Sam’s work on cryptanalysis  that has attracted a lot of attention from computer security and privacy experts. First, the Black Budget reveals that the NSA […]

Continue Reading

Is Jump In ToR Use Blowback From PRISM?

It’s ironic that government surveillance might push the public to embrace technology pioneered by the Department of Defense. But so it is: new metrics from The Tor Project show that use of the online anonymity service has exploded since early June: up more than 100 percent, from just over 500,000 global users to more than 1.2 million. Why the sudden surge in privacy conscious Internet users? It would be easy to connect the dots between revelations about the U.S. government’s omnibus data gathering program PRISM and the sudden desire of Internet users to sacrifice some speed and performance for the privilege of having their online doings passed through The Onion Router. Still, it’s not clear that this is the case. To be sure: growth is being seen across the board, not just in active users, but in the number of ToR clients running, the data suggests. There are steep increases […]

Continue Reading

Updated – Hackout: Philips Smart Lightbulbs Go Dark In Remote Attack

Add lightbulbs to the list of everyday technology that is 1) Internet connected and 2) vulnerable to crippling remote attacks.* Writing on Tuesday, security researcher Nitesh Dhanjani disclosed a proof of concept hack against HUE lightbulbs, a brand of wi-fi enabled bulbs manufactured by the firm Philips. The vulnerability discovered by Dhanjani allows a remote attacker to use her mobile device to control HUE. HUE wi-fi enabled bulbs are sold at Apple stores and allow users to control the function and color of the bulbs using iPhone and Android mobile apps. Dhanjani published his findings in a paper, “Hacking Lightbulbs,” which calls the HUE system of bulbs and a wireless bridge “wonderfully innovative,” but also prone to hacking. The most serious flaw discovered would allow a remote attacker to impersonate a white-listed (or “allowed”) mobile device, sending commands to HUE bulbs that could cause them to turn off or manipulate […]

Continue Reading
1 143 144 145 146 147 152