Equation Group: Meet the NSA 'gods of cyber espionage'

Over the last couple of years we have been hearing about ever more sophisticated pieces of malware. From Stuxnet and Flame to Gauss and most recently Regin, all have shown increasing levels of technical prowess and all have been linked in some way with the US government. These were thought to be the pinnacle of a huge investment in offensive cyber capabilities by the world's wealthiest country. That was, until we learned about Equation. Described by Kaspersky Lab, the Moscow-based security company which uncovered it, as "an almost omnipotent cyberespionage organisation", the group has been called the "God of cyberespionage" and may have been operating undetected for almost two decades. While Kaspersky's report reveals much about the group, it barely touches the surface of the capabilities of what is likely the most highly-prized jewel in the NSA's cyberespionage crown. What is the Equation group? Finally, an advanced keylogger known as Grok is referenced in the Equation team's source code.

http://www.ibtimes.co.uk/equation-group-meet-nsa-gods-cyber-espionage-1488327


Hacking for Beginners One of the best things about computers is how dynamic they are. There is so much information about computers and it changes constantly. As a hacker, you are at the leading edge of changes to technology. This makes it a very exciting and interesting field of study and can even lead to some awesome job opportunities as a computer security expert.

Security War Games Information security keeps evolving, but our educational methods are not evolving rapidly enough to win the cold cyberwar. Let's face it: Protecting your technical environment from internal and external attacks isn't much different than the age-old wars fought since mankind picked up a rock. The goal is to keep people in and/or keep people out. Just much less blood. How are you preparing your Blue Team from getting decimated on the virtual battlefield? With training and drills?

How to remove Superfish malware from Lenovo PCs Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake. You can read all the sordid details here. This article is dedicated to helping you discover whether your Lenovo PC is infected with Superfish, and how to eradicate it if you are.

Carberp Family Malware Targeting the Banking Sector - HackSurfer A challenge incident responders and fraud analysts for firms in the banking and financial services sector (BFSS) will soon be faced with is an increased incidence of customer take-over fraud from a very advanced malware family that was recently released into the wild (Cohen, 2013, July 9). After the historic ZeuS Trojan was released into the wild more sophisticated programmers transformed this already powerful banking Trojan into the very virulent Citadel Trojan. The Citadel permutation was even more resilient, evasive, and sophisticated than the ZeuS Trojan (ibid. p.1). Many are now expressing concern about an even more notorious Russian Trojan that can easily be modified to target BFSS firms in the U.S. (Krebs, 2013, June 13).

Google hacking master list This master list of Google Hacking command sets has shown up on a forum in Russia, as well as on Scribd. While we often forget about Google hacking, and rarely use it against our own sites, a list like this is going to keep the kids happy as they merrily pound their way through Google to your systems. This makes the data much more accessible than at Johnny I hack stuff. There are some drawbacks in how Johnny I hack stuff works: you have to do a lot of clicking to get to the right hacks. This master list also includes things I have not seen or tried yet, meaning that the body of knowledge for Google hacks is still being expanded upon.

How Power-line Networking Works Power-line networking is one of several ways to connect the computers in your home. It uses the electrical wiring in your house to create a network. Like HomePNA, power-line networking is based on the concept of "no new wires."

Top 50 Hacking Tools That You Must Have Whether you are a Penetration tester, a hacker or an aspiring newbie trying to learn Cyber Security, you must have a nice catalogue of tools to make your life easier. While these tools do make working simpler, they cannot compensate for the vast amount of knowledge required in this field. In this post I’m going to mention 50 different tools under 9 categories that your ‘Hack Lab’ must have.

How to remove the Superfish malware: What Lenovo doesn’t tell you If you have a Lenovo system that includes the Superfish malware, you'll want to remove it. Blowing away your system and reinstalling Windows is one way to do this, but while it's a relatively straightforward process, it's a time-consuming one. Using Lenovo's own restore image won't work, because that will probably reinstate Superfish anyway. Performing a clean install from Windows media will work, but you'll have to reinstall all your software and restore all your data from backup to do the job fully. An alternative is to remove the malware itself. Lenovo has published instructions, but at the time of writing, they're woefully inadequate.

Could hijackers hold your electronic medical records for ransom? Posted: Wednesday, September 26, 2012, 5:07 PM by Erica Cohen. With data breach issues plaguing even the largest of companies, individuals are understandably concerned that their personal information could be leaked to unauthorized users.

Crack/Keygen Sites That Are Safe To Use Blindly searching the web for cracks & keygens is about as smart as using Limewire to search for antivirus software - something not well-advised. Undoubtedly and unfortunately, the number of crack sites with overtones of a malicious agenda heavily outweigh sites that just want to serve up the honest goods. Having said that, there actually are quite a few creditable ‘crack’ sites that won’t try to bombard you with full-screen popup ads, or commandeer your computer into a spam-loving Kraken or Srizbi Botnet army. We’ve done the hard work for you, and present a list of “clean” crack sites for all the latest warez.

Defensible network architecture For the nearly 20 years since Zwicky, Cooper and Chapman first wrote about Firewalls the firewall has been the primary defense mechanism of nearly every entity attached to the Internet. While perimeter protection is still important in the modern enterprise, the fact is that the nature of Internet business has vastly changed and the crunchy perimeter and squishy inside approach has long since become outdated. You can’t deny what you must permit and the primary attack vectors today appear to be email and browser exploits; two aspects of your business model that you cannot do without and which can give the bad guys a foothold inside your perimeter protections. As the Sony, Target, Home Depot, and many other breaches have shown, once the bad guys are into the network they are content to dig in, explore, and exfiltrate large amounts of data and will often go undetected for months. What is needed is a security architecture that focuses on protecting data and detecting anomalies.

Norse - Live Attack Intelligence Traditional signature- and policy-based network security systems are reactive and often rely on incomplete data that is not up to date. As the effectiveness of these solutions continues to decline, organizations are being exposed to increased risk of security breaches, data exfiltration, loss of reputation and revenue from today's advanced cyber threats. Norse DarkViking™ is a patented SaaS service that gathers "dark intelligence" from the parts of the Internet where bad actors operate and delivers an actionable risk score that enables organizations to drastically increase their overall security posture. DarkViking delivers machine-readable threat intelligence (MRTI) that can be integrated with an organization's existing security products and network devices.

The Most Dangerous Malware Trends for 2014 The common thread running through the malware trends we’ve seen in recent months is the evolution, maturation and diversification of the attacks and fraud schemes they facilitate. Malware, once purpose-built, is clearly becoming a flexible platform — in many respects, it is now almost a commodity. Take, for example, the leak of Carberp’s source code in 2013.
