EternalPetya – yet another stolen piece in the package?

Since 27th June we’ve been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradictory theories have been popping up. Some believed that it is a rip-off of the original Petya, others that it is another step in its evolution. However, so far, those were just different opinions, and none of them was backed up with enough evidence. In this post, we will try to fill this gap by making a step-by-step comparison of the current kernel and the one on which it is based (Goldeneye Petya).

The post EternalPetya – yet another stolen piece in the package? appeared first on Malwarebytes Labs.

Why the U.S. is struggling with their digital war on ISIS

The U.S. military’s reported inability to effectively “drop cyber bombs” on the Islamic State is raising new questions about the military’s existing “cyber weapons arsenal,” a loosely defined collage of digital warfare capabilities shrouded in secrecy. Computer network attacks have been conducted by operators within the National Security Agency and U.S. Cyber Command, the military’s top cyber warfare unit, under the order of Joint Task Force Ares. While the two organizations are inherently aligned, the NSA and Cyber Command follow different missions and employ different capabilities. Very little is publicly known about either the intelligence community or U.S. military’s ability to conduct offensive cyber operations; the subject matter is generally considered classified if not highly sensitive. A leaked CIA document published by WikiLeaks in March and identified by CyberScoop provides a rare window into how analysts conduct cyber warfare operations; describing one instance in which an operator worked to remotely disrupt a […]

The post Why the U.S. is struggling with their digital war on ISIS appeared first on Cyberscoop.

Report: International nonprofit would ease work of cyber-attribution

Identifying the perpetrators of cyberattacks and other malicious online activities is tough. Aside from the purely technical difficulties, would-be attributors also must deal with a skeptical public that is suspicious of official pronouncements and wary about misinformation — even from democratic governments. That being the case, concludes a new study, what’s needed is an international nongovernmental body consisting of technical, policy and legal experts that could conduct independent investigations into cyber-incidents and publish their results. The study was published Friday by the RAND Corp., a think tank with historic ties to the U.S. military. “We see this as a first step,” the study’s lead author, RAND Senior Information Scientist John Davis, told CyberScoop. “Personally, I hope this work continues.” The study was financed by Microsoft, whose President Brad Smith called in February for a “Digital Geneva Convention.” Last year, in a policy paper, the company called for an intergovernmental body — modeled on the International […]

The post Report: International nonprofit would ease work of cyber-attribution appeared first on Cyberscoop.

Cryptocurrency company pushes back against Shadow Brokers’ latest claims

The Shadow Brokers say they will be accepting Zcash for subscriptions to their monthly dumps of leaked NSA files — a decision intended to needle the U.S. government over its role in the cryptocurrency’s creation. But the company that oversees Zcash says that federal agencies have no ties to the cryptocurrency beyond some general connections to its academic roots. In announcing the subscription service, the Shadow Brokers insinuated that Zcash has links to the Defense Advanced Research Projects Agency, other U.S. military agencies and Israel. “Maybe USG is needing to be sending money outside from banking systems? If USG is hacking and watching banking systems (SWIFT) then adversaries is also hacking and watching banking systems. Maybe is for sending money to deep cover foreign assets? Maybe is being trojan horse with cryptographic flaw or weakness only NSA can exploit? Maybe is not being for money?” the blog post written in broken English reads. Though the hacking group has claimed Zcash’s privacy […]

The post Cryptocurrency company pushes back against Shadow Brokers’ latest claims appeared first on Cyberscoop.

Revised Active Defense Bill Allows Victims to Recover or Destroy Stolen Data

Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recover or destroy stolen data on the attacker’s computer.

WannaCry Ransom Note Written by Chinese, English Speaking Authors

A linguistic analysis of the 28 ransom notes included with WannaCry indicates that native Chinese and English speakers wrote the original note, Flashpoint said.

Dan Geer: Cybersecurity, Humanity’s Future ‘Conjoined’

Dan Geer’s Source Boston keynote included a declaration that cybersecurity and humanity’s future are forever conjoined.

Who is Publishing NSA and CIA Secrets, and Why?

There’s something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One: someone, probably a country’s intelligence organization, is dumping massive amounts of cyberattack tools belonging to the NSA onto the Internet. Two: someone else, or maybe the same someone, is doing the same thing…