Search Results for "China"

Lights Out For Java: Experts Say Turn It Off – And Leave It Off

Security experts from around the globe are warning Internet users to disable Java while browsing the web, after attacks using a previously unknown (“zero day”) vulnerability in Java began to surface, as part of multi-purpose “exploit kits” that are used to launch attacks from hostile or compromised web sites. The exploit works on all versions of Java 7, including update 10 – the latest release from Oracle, which now manages the Java technology, after acquiring it with the assets of Sun Microsystems, according to an analysis by the firm Alienvault, which said that the exact nature of the vulnerability wasn’t known because the exploit was heavily obfuscated to slow down security researchers. According to this report from Krebsonsecurity, the first word of the new exploit came by way of underground forums, where the administrators of popular exploit kits like Blackhole and the Nuclear exploit kits added the Java exploit as […]

Council of Foreign Relations Hackers Also Hit US-based Turbine Maker

The web site of the Council of Foreign Relations (CFR) may not have been the only target of sophisticated attackers who used a previously unknown (“zero day”) vulnerability in Microsoft’s Internet Explorer web browser to compromise the computers of those who visited the site, a new report claims. Eric Romang, a Luxembourg-based security expert at the firm Zataz.com said that he has discovered an almost identical compromise to the CFR hack on the web site of Capstone Turbine Corporation, a California-based manufacturer of small, energy-efficient power turbines. His investigation uncovered malicious files similar to those used on the CFR site that were used to launch a so-called “heap spray” attack against visitors using the Internet Explorer web browser, triggering the zero day vulnerability. Romang was among the first to isolate the script used to launch the drive by download attack used on the CFR web site. Writing on Wednesday, he said […]

Report Warns of Growing ‘Dark Side’ of Cyberspace

The head of a prominent human rights groups has warned that increased state involvement in cyberspace, including surveillance, censorship, propaganda campaigns and offensive cyber operations threatens the future of the Internet as much as endemic problems like cyber crime – part of a growing “dark side” to cyberspace. Writing in the Penn State Journal of Law and International Affairs,  Ronald Deibert, Director of Citizen Lab and Canada Centre for Global Security Studies said that threats to human rights and individual liberties come from a variety of states – from authoritarian regimes, to Latin American narco-states to liberal democracies in the West, as governments increasingly leverage the power of the Internet to monitor citizens’ behavior and impose limits on free expression. Citizen Lab, part of the Munk School of Global Affairs at the University of Toronto, has played a key role in high-profile investigations of cyber espionage including the now-infamous Ghost Net attacks on […]

Are Security Firms Ducking Attribution for VOHO? (Rhymes with ‘Carolina’)

RSA left few stones unturned in its recent report (PDF) on the so-called “VOHO” attacks against pro democracy, military industrial base and high finance firms. But one question that was notably left unanswered was perhaps the most important: “Who, or what, was behind the attacks?” Now the  lead RSA security researcher trusted with analyzing the malware used in recent “watering hole” attacks tells Security Ledger that the malware left some clues as to the origins of the attacks, which affected tens of thousands of systems in more than 700 organizations, but not enough to conclusively link VOHO to a specific group, country or actor. “It’s hard to tell,” said Chris Elisan, a Principal Malware Scientist at RSA and the lead investigator into the malware used in the VOHO attacks. “The malware is only part of it,” he said. Other parts of what Elisan called the “attack chain” are needed to identify […]