Other News

Welcoming A New Sponsor: The Trusted Computing Group!

Welcoming A New Sponsor: The Trusted Computing Group!

The Security Ledger is a new, online publication that’s serious about reporting on security and “The Internet of Things.” While we’ve had tremendous success in our first six months of operation, any new endeavor involves some risk. That’s why I’m thrilled to have had the backing of some forward-looking sponsors: Qualys and Veracode. And today, I’m happy to add a new name to that list: The Trusted Computing Group (TCG). For those of you who aren’t familiar with TCG, its best known as the group behind the Trusted Platform Module (TPM) secure, cryptographic chip that ships with almost every modern desktop and notebook PC. The TPM assures a hardware-based root of trust on compliant system, allowing TPM-equipped systems to securely generate cryptographic keys that can authenticate each endpont for use in secure, online transactions and communications. But TCG actually does a lot more. As a security beat reporter, for example, I […]

Botnet Of Embedded Devices Used To Map Internet

Botnet Of Embedded Devices Used To Map Internet

Botnets are mostly linked with spam e-mail campaigns, denial of service attacks and data theft. But global networks of compromised hosts can be used for a variety of ends – not all of them malicious. That was the idea behind “Internet Census 2012,” a stealth project by an unnamed and unknown researcher/hacker to map the entire IPV4 Internet address space using a massive network of compromised devices. The results, published in the form of a research paper, underscore the problem of  unsecured embedded devices, including set top boxes, home routers and critical infrastructure, with the hacker able to locate and compromise these systems, creating a botnet of more than 420,000 nodes. According to a copy of the report, the project grew out of an experiment to locate unprotected devices online using nmap, the open source scanning tool. By compromising each vulnerable host and then enlisting it to scan for other […]

ISP Telenor: Execs Laptops Emptied in Cyber Spy Operation

ISP Telenor: Execs Laptops Emptied in Cyber Spy Operation

The Norwegian telecommunications firm Telenor told authorities in that country that a sophisticated cyber spying operation compromised the computers of leading executives and “emptied” them of sensitive information, including e-mail messages, computer files and passwords, according to a report Sunday by Aftenposten. Several executives of Telenor were the subjects of “extensive, organized industrial espionage,” the report said, quoting Telenor Norway’s director, Rune Dyrlie. The company has reported the incident to  Nasjonal sikkerhetsmyndighet – or NSM – Norway’s national security authority as well as Nor-CERT, Norway’s Computer Emergency Readiness Team and the cyber defense unit Cyberforsvaret. “We take it very seriously by several bosses in Telenor stolen sensitive information. It is quite clear that those behind, got downloaded stolen information. There is no doubt that we have lost data,” Dyrlie told Aftenposten. Dyrlie said that the company missed the initial infection, which used “new, customized software.” The first indication of a compromise came after automated monitoring software operated […]

Twenty ISPs Responsible For Half Of All Spam

Twenty ISPs Responsible For Half Of All Spam

One of the lessons we’ve learned in recent years is that online attacks can come from anywhere. Viruses and spyware were more common to pornography and pirate download web sites five years ago. Today, even the most reputable web sites might be the source of online mayhem. In fact, so-called “watering hole” attacks that exploit legitimate web sites and use them as honey pots to lure the intended victims are all the rage among sophisticated attackers. (For evidence of this, see our recent story on the compromise at the web site of The National Journal, a publication for Beltway policy wonks.) But the Internet still has its dark alleys and bad neighborhoods. And they’re still the source of a lot of malicious activity – especially in connection to run of the mill crimes like spam and phishing attacks. That’s the conclusion of research done by students at the University of Twente’s […]

D.C. Insider Site NationalJournal.com Serving Malware

D.C. Insider Site NationalJournal.com Serving Malware

Watering hole -style attacks are all the rage these days, as our recent coverage on the attacks against Facebook and Twitter suggest. That makes us look askance at any report of a web site compromise – especially at a site that’s known to serve an audience that’s of interest to sophisticated, nation-state backed hacking crews.   That’s why it caught our attention this week that the web site for the DC-insider magazine The National Journal (nationaljournal.com) was found serving malware. According to a blog post by Anup Ghosh at the security firm Invincea, The National Journal’s Web site was serving up attacks to visitors of the site on Tuesday. The discovery was surprising, as the magazine acknowledged an earlier compromise on February 28th and said that it had since secured its site. That National Journal, part of The Atlantic Media Company, is widely read within Washington D.C.’s political circles. It […]