
Submission + - Hackers Used Nasty "SMB Worm" Attack Toolkit Against Sony

wiredmikey writes: Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert describing the primary malware used by the attackers, along with indicators of compromise.

While not mentioning Sony by name in its advisory, instead referring to the victim as a “major entertainment company,” US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks.

According to the advisory, the SMB Worm Tool is equipped with five components, including a Listening Implant, Lightweight Backdoor, Proxy Tool, Destructive Hard Drive Tool, and Destructive Target Cleaning Tool.

US-CERT also provided a list of the Indicators of Compromise (IOCs), which include C2 IP addresses, Snort signatures for the various components, host based Indicators, potential YARA signatures to detect malware binaries on host machines, and recommended security practices and tactical mitigations.

Submission + - New data says volcanoes, not asteroids, killed dinosaurs

schwit1 writes: The uncertainty of science: A careful updating of the geological timeline has strengthened the link between the dinosaur extinction 66 million years ago and a major volcanic event at that time.

A primeval volcanic range in western India known as the Deccan Traps, which were once three times larger than France, began its main phase of eruptions roughly 250,000 years before the Cretaceous-Paleogene, or K-Pg, extinction event, the researchers report in the journal Science. For the next 750,000 years, the volcanoes unleashed more than 1.1 million cubic kilometers (264,000 cubic miles) of lava. The main phase of eruptions comprised about 80-90 percent of the total volume of the Deccan Traps’ lava flow and followed a substantially weaker first phase that began about 1 million years earlier.

The results support the idea that the Deccan Traps played a role in the K-Pg extinction, and challenge the dominant theory that a meteorite impact near present-day Chicxulub, Mexico, was the sole cause of the extinction. The researchers suggest that the Deccan Traps eruptions and the Chicxulub impact need to be considered together when studying and modeling the K-Pg extinction event.

The general public might not know it, but the only ones in the field of dinosaur research that have said the asteroid was the sole cause of the extinction have been planetary scientists.

Submission + - 48,000 Federal Employees Potentially Affected by Second Background Check Hack (nextgov.com)

schwit1 writes: The Office of Personnel Management is alerting more than 48,000 federal employees their personal information may have been exposed following a breach at KeyPoint Government Solutions, which conducts background investigations of federal employees seeking security clearances.

"As we examine the potential impact on DHS employees, we are committed to ensuring the privacy of our workforce and will take all appropriate measures to safeguard it,"
Was the PII encrypted?
Is there a DHS requirement that all PII be encrypted?

Submission + - ICANN Hacked Including Root DNS Systems (darknet.org.uk)

schwit1 writes: Attackers sent staff spoofed emails appearing to come from icann.org. The organization notes it was a “spear phishing” attack, suggesting employees clicked on a link in the messages, and then typed their usernames and passwords into a bogus webpage, providing hackers with the keys to their accounts.

“The attack resulted in the compromise of the email credentials of several ICANN staff members,” the announcement reads, noting that the attack happened in late November and was discovered a week later.

With those details, the hackers then managed to access a number of systems within ICANN, including the Centralized Zone Data System (CZDS), the wiki pages of the Governmental Advisory Committee (GAC), the domain registration Whois portal, and the organization’s blog.

Submission + - Reaction to the Sony Hack Is 'Beyond the Realm of Stupid' (vice.com)

schwit1 writes: Are these hackers terrorists? Are they cyberterrorists?

There's two layers to it now. There's the definition of terrorism and the reaction to it, which has been a combination of being both insipid and encouraging to future acts.

The first is what has already happened. Sony has labeled what happened to it as cyberterrorism and various media have also described it as cyber terrorism. The reality is having your scripts posted online does not constitute a terrorist act. The FBI describes it as an 'act that results in violence.' Losing your next James Bond movie script that talks about violence is not the same thing as an act of violence.

What has happened to Sony already does not meet the definition. They're saying 'This is an act of war.' We're not going to war with North Korea over this act just because Angelina Jolie is now mad at a Sony executive. Acts of war have a different standard.

Literally, we are in the realm of beyond stupid with this.

Submission + - U.S. Links North Korea to Sony Hacking (nytimes.com)

schwit1 writes: Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment (SPE).

It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems.

Analysis of code shows it used knowledge of Sony's Windows network to spread and wreak havoc.

Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.

Comment This is nothing but appeasement (Score 0) 435

What has changed in Cuba after the announcement?

Cuban citizens are still not permitted to speak or read freely or do anything freely without the fear of imprisonment or even death. Cuba is no closer to becoming a democracy and you have to wonder if this move will embolden other tyrants to take Americans hostage in order to win concessions.

U.S. policy towards Cuba was codified into law under the Cuban Liberty and Democratic Solidarity Act of 1996, and the Trade Sanctions Reform Act of 2000. The policy changes announced by the President are an overreach of his executive powers under the law. The official legislative history of the law clarifies that the President has power to tighten economic sanctions, but not to ease them beyond the baseline set on March 1, 1996.

BTW, Gross was an aid worker. He was traded for 3 convicted spies. It looks like Obama didn't learn anything from the Bergdahl trade.

Submission + - Sony leaks reveal Hollywood is trying to break DNS, the backbone of the internet (theverge.com)

schwit1 writes: A leaked legal memo reveals a plan for blacklisting pirate sites at the ISP level

Most anti-piracy tools take one of two paths: they either target the server that's sharing the files (pulling videos off YouTube or taking down sites like The Pirate Bay) or they make it harder to find (delisting offshore sites that share infringing content). But leaked documents reveal a frightening line of attack that's currently being considered by the MPAA: What if you simply erased any record that the site was there in the first place?

To do that, the MPAA's lawyers would target the Domain Name System (DNS) that directs traffic across the internet.

Submission + - Voyager 1 on the edge of the solar system ... and this time we mean it

schwit1 writes: Scientists using instruments on Voyager 1 have detected three shock waves pass over the spacecraft as it moves steadily away and outside of the solar system.

The waves were sent outward when the Sun emitted a coronal mass ejection. The spacecraft has been inside the third wave now for months, something that scientists at the moment cannot explain.

http://science.slashdot.org/st...

Submission + - The Unexpected Threat to Super Bowl XLIX (businessweek.com)

schwit1 writes: If you’ve already bought tickets for Super Bowl XLIX or are looking forward to watching it with your friends and family, you may be surprised to learn that there is a chance it might not be played. Congress first needs to make a decision on renewing a piece of legislation that you possibly never have heard of: TRIA—the Terrorism Risk Insurance Act.

TRIA was signed into law in 2002 in the aftermath of the 9/11 terrorist attacks, establishing a risk-sharing partnership between the federal government and the insurance industry that made terrorism insurance widely available to U.S. businesses—among them, organizers of sporting events. Without federal support, most insurers had been unwilling to offer coverage. TRIA was renewed in 2005 and in 2007. It is set to expire on Dec. 31 unless Congress renews it. With two weeks until the deadline, the clock is ticking.

Submission + - Denmark claims North Pole via Greenland ridge link (yahoo.com)

schwit1 writes: Scientific data shows Greenland's continental shelf is connected to a ridge beneath the Arctic Ocean, giving Danes a claim to the North Pole and any potential energy resources beneath it, Denmark's foreign minister said.

Foreign Minister Martin Lidegaard said Denmark will deliver a claim on Monday to a United Nations panel in New York that will eventually decide control of the area, which Russia and Canada are also coveting.

Submission + - Study: Your all-electric car may not be so green (ap.org)

schwit1 writes: People who own all-electric cars where coal generates the power may think they are helping the environment. But a new study finds their vehicles actually make the air dirtier, worsening global warming.

"It's kind of hard to beat gasoline" for public and environmental health, said study co-author Julian Marshall, an engineering professor at the University of Minnesota. "A lot of the technologies that we think of as being clean ... are not better than gasoline."

Hybrids and diesel engines are cleaner than gas, causing fewer air pollution deaths and spewing less heat-trapping gas. Ethanol isn't so green, either.

Submission + - Small Bank in Kansas Creates the Bank Account of the Future

HughPickens.com writes: Nathaniel Popper writes at the NYT that the Citizens Bank of Weir, Kansas, or CBW, has been taken apart and rebuilt, from its fiber optic cables up, so it can offer services not available at even the nation’s largest bank. The creation of the new bank, and the maintenance of the old one, are the work of Suresh Ramamurthi and his wife, Suchitra Padmanabhan, who were born in India and ended up buying the bank in Kansas in 2009 after living in Silicon Valley and passing through jobs at Google and Lehman Brothers. Their goal was to find solutions to logjams that continue to vex consumers all over the country, such as the obstacles that slow money moving from one bank to another and across international borders. The new services that CBW is providing, like instant payments to any bank in the United States, direct remittance transfers abroad and specialized debit cards that can be set for particular purchases, such as those at specific stores, or at specific times, might seem as if they should be painless upgrades in an age of high-frequency trading and interplanetary space missions. But the slowness of current methods of moving money is a widely acknowledged problem in the financial industry.

In the United States the primary option that consumers have to transfer money is still the ACH payment. Requests for ACH transfers are collected by banks and submitted in batches, once a day, and the banks receiving the transfers also process the payments once a day, leading to long waits. ACH technology was created in the 1970s and has not changed significantly since. The clunky system, which takes at least a day to deliver money, has become so deeply embedded in the banking industry that it has been hard to replace. CBW went to work on the problem by using the debit card networks that power ATM cash dispensers. Ramamurthi’s team engineered a system so that a business could collect a customer’s debit card number and use it to make an instant payment directly into the customer’s account — or into the account of a customer of almost any other bank in the country. The key to CBW's system is real-time payment transaction risk-scoring — software that can judge the risk involved in any transaction in real time by looking at 20 to 40 factors, including a customer’s transaction history and the I.P. address where the transaction originated. It was this system that Elizabeth McQuerry, the former Fed official, praised as the “biggest idea” at a recent bank conference. "Today's banks offer the equivalent of 300-year-old paper ledgers converted to an electronic form — a digital skin on an antiquated transaction process," says Suresh Ramamurthi. "We'll now be one of the first banks in the world to offer customers a reliable, compliant, safe and secure way to instantly send and receive money internationally."
