The Security Ledger is a new, online publication that’s serious about reporting on security and “The Internet of Things.” While we’ve had tremendous success in our first six months of operation, any new endeavor involves some risk. That’s why I’m thrilled to have had the backing of some forward-looking sponsors: Qualys and Veracode. And today, I’m happy to add a new name to that list: The Trusted Computing Group (TCG). For those of you who aren’t familiar with TCG, its best known as the group behind the Trusted Platform Module (TPM) secure, cryptographic chip that ships with almost every modern desktop and notebook PC. The TPM assures a hardware-based root of trust on compliant system, allowing TPM-equipped systems to securely generate cryptographic keys that can authenticate each endpont for use in secure, online transactions and communications. But TCG actually does a lot more. As a security beat reporter, for example, I […]
Tag: APT
ISP Telenor: Execs Laptops Emptied in Cyber Spy Operation
The Norwegian telecommunications firm Telenor told authorities in that country that a sophisticated cyber spying operation compromised the computers of leading executives and “emptied” them of sensitive information, including e-mail messages, computer files and passwords, according to a report Sunday by Aftenposten. Several executives of Telenor were the subjects of “extensive, organized industrial espionage,” the report said, quoting Telenor Norway’s director, Rune Dyrlie. The company has reported the incident to Nasjonal sikkerhetsmyndighet – or NSM – Norway’s national security authority as well as Nor-CERT, Norway’s Computer Emergency Readiness Team and the cyber defense unit Cyberforsvaret. “We take it very seriously by several bosses in Telenor stolen sensitive information. It is quite clear that those behind, got downloaded stolen information. There is no doubt that we have lost data,” Dyrlie told Aftenposten. Dyrlie said that the company missed the initial infection, which used “new, customized software.” The first indication of a compromise came after automated monitoring software operated […]
D.C. Insider Site NationalJournal.com Serving Malware
Watering hole -style attacks are all the rage these days, as our recent coverage on the attacks against Facebook and Twitter suggest. That makes us look askance at any report of a web site compromise – especially at a site that’s known to serve an audience that’s of interest to sophisticated, nation-state backed hacking crews. That’s why it caught our attention this week that the web site for the DC-insider magazine The National Journal (nationaljournal.com) was found serving malware. According to a blog post by Anup Ghosh at the security firm Invincea, The National Journal’s Web site was serving up attacks to visitors of the site on Tuesday. The discovery was surprising, as the magazine acknowledged an earlier compromise on February 28th and said that it had since secured its site. That National Journal, part of The Atlantic Media Company, is widely read within Washington D.C.’s political circles. It […]
Many Watering Holes, Targets In Hacks That Netted Facebook, Twitter and Apple
The attacks that compromised computer systems at Facebook, Twitter, Apple Corp. and Microsoft were part of a wide-ranging operation that relied on many “watering hole” web sites that attracted employees from prominent firms across the U.S., The Security Ledger has learned. The assailants responsible for the cyber attacks used at least two mobile application development sites as watering holes in addition to the one web site that has been disclosed: iPhoneDevSDK.com. Still other watering hole web sites used in the attack weren’t specific to mobile application developers – or even to software development. Still, they served almost identical attacks to employees of a wide range of target firms, across industries, including prominent auto manufacturers, U.S. government agencies and even a leading candy maker, according to sources with knowledge of the operation. More than a month after the attacks came to light, many details remain under tight wraps. Contacted by The Security […]
Bit9: 32 Pieces of Malware Whitelisted In Targeted Hack
The security firm Bit9 released a more detailed analysis of the hack of its corporate network was part of a larger operation that was aimed a firms in a “very narrow market space” and intended to gather information from the firms. The analysis, posted on Monday on Bit9’s blog is the most detailed to date of a hack that was first reported on February 8 by the blog Krebsonsecurity.com, but that began in July, 2012. In the analysis, by Bit9 Chief Technology Officer Harry Sverdlove said 32 separate malware files and malicious scripts were whitelisted in the hack. Bit9 declined to name the three customers affected by the breach, or the industry segment that was targeted, but denied that it was a government agency or a provider of critical infrastructure such as energy, utilities or banking. The broad outlines of the story about the hack of Bit9, which sells […]
