Tag: keylogger

This graphic shows the geographic distribution of attacks, by country. (Source: Akamai)

Popular Web Sites Still Getting Gamed in SEO Attacks

In this post, Security Ledger contributor Or Katz of Akamai provides details of how malicious actors are abusing redirect vulnerabilities in popular web sites to boost the reputation of malicious sites they control. One recent attack involved the compromise of some 4,000 vulnerable web applications for the purpose of pumping up the search engine ranking of more than 10,000 malicious web sites, Katz reveals. 

Is It Time For Customs To Inspect Software? | Veracode Blog

Is It Time For Customs To Inspect Software? | Veracode Blog

If you want to import beef, eggs or chicken into the U.S., you need to get your cargo past inspectors from the U.S. Department of Agriculture. Not so hardware and software imported into the U.S. and sold to domestic corporations. But a spate of stories about products shipping with malicious software raises the question: is it time for random audits to expose compromised supply chains? Concerns about ‘certified, pre-pwned’ hardware and software are nothing new. In fact, they’ve permeated the board rooms of technology and defense firms, as well as the halls of power in Washington, D.C. for years. The U.S. Congress conducted a high profile investigation of Chinese networking equipment maker ZTE in 2012 with the sole purpose of exploring links between the company and The People’s Liberation Army, and (unfounded) allegations that products sold by the companies were pre-loaded with spyware. Of course, now we know that such […]

A report from Businessweek puts credit for a 2010 hack of the Nasdaq stock market on Russia's government and intelligence services.

Must Read: How Russian Hackers Stole the Nasdaq – Businessweek

If there’s one story you should read this week, its Michael Riley’s extensive report over at Businessweek on the 2010 compromise of systems belonging to the Nasdaq stock exchange, “How Russian Hackers Stole the Nasdaq.” The incident was extensively reported at the time, but not in great depth. Obviously, the parties involved weren’t talking. And Nasdaq’s public statements about the compromise woefully downplayed its severity, as Riley’s report makes clear. Among the interesting revelations: the Nasdaq may have fallen victim to a third-party compromise – similar to the hack of Target earlier this year. In the case of Nasdaq, investigators from the FBI, NSA and (eventually) CIA found discovered that the website run by the building management company responsible for Nasdaq’s headquarters at One Liberty Plaza had been “laced with a Russian-made exploit kit known as Blackhole, infecting tenants who visited the page to pay bills or do other maintenance.” What’s clear is […]

Marquis-Boire has joined the media startup First Look Media to protect reporters from online snooping. (Image courtesy of Black Hat Events)

Hacker Takes on the World’s Spy Agencies | WIRED

Andy Greenberg over at Wired has a fine profile of former Google hacker and human rights champion Morgan Marquis-Boire (aka “Morgan Mayhem”), who is now working for the start-up publication First Look Media Marquis-Boire is an expert in malware analysis, with particular expertise in analyzing the software that oppressive regimes use to spy on journalists, human rights activists and political dissidents. At First Look, he will be devoting his talents to defending what Greenberg calls “an endangered species: American national security journalists.” First Look is a nascent, independent online media startup founded by eBay billionaire Pierre Omidyar. The site is best known as the (new) home of Glenn Greenwald and Laura Poitras, and the launch pad for whatever secrets are still hidden in the trove of information Edward Snowden leaked to Greenwald. According to Greenberg, Marquis-Boire was hired away from Google and given the task of safeguarding those documents as well as the […]

CrowdStrike says a hacking group dubbed Deep Panda has been rooting around Washington D.C. think tanks for hints about U.S. policy towards Iraq.

Update: Cyber Spies Digging For Clues On Iraq?

The folks over at CrowdStrike have dug deep into a campaign of targeted cyber attacks targeting Washington D.C. think tanks and say they have evidence that whomever is behind the attacks has taken a sudden interest in U.S. policy towards Iraq. Editor’s Note: This story was updated to include comments from Adam Meyers, Vice President of Security Intelligence at CrowdStrike. – PFR July 8, 2014 14:30 Writing on Tuesday, CrowdStrike CTO Dmitri Alperovitch described a new campaign by a group they dubbed “DEEP PANDA” that was targeting think tanks specializing on U.S. foreign policy and national security. Alperovitch said CrowdStrike observed a pronounced shift in targets from think tank experts on Asia to experts on Iraq and the Middle East in recent weeks. The shift corresponded with the rapid escalation of violence in Iraq as the Islamic extremist group ISIS took control of large parts of the country. “This actor, who was engaged in […]