Tag Archive for: evidence

Ferrari says no evidence of system breach, ransomware | The Mighty 790 KFGO


MILAN (Reuters) – Ferrari has no evidence of a breach of its systems or ransomware, the luxury sports car maker said in a statement on Monday, adding that there had been no disruption to its business and operations.

Earlier on Monday, Italian media reported that the company had been the victim of a cyber attack and that various documents had been made public.

The company added it was working to identify the source of the event and would implement appropriate actions as needed.

(Reporting by Giulio Piovaccari, writing by Federico Maccioni, editing by Agnieszka Flak)

Exclusive: Evidence shows US’ NSA behind attack on email system of Chinese leading aviation university


cyber attack Photo:VCG

The email system of a university in Northwest China’s Shaanxi Province – well-known for its aviation, aerospace and navigation studies – was found to have been attacked by the US’ National Security Agency (NSA), the Global Times learned from a source on Monday.

On June 22, Northwestern Polytechnical University announced that hackers from abroad were caught sending phishing emails with Trojan horse programs to teachers and students at the university, attempting to steal their data and personal information. 

A police statement released by the Beilin Public Security Bureau in Xi’an the next day said that the attack attempted to lure teachers and students into clicking links of phishing emails with Trojan horse programs, with themes involving scientific evaluation, thesis defense and information on foreign travel, so as to obtain their email login details.

To probe into the attack, China’s National Computer Virus Emergency Response Center and internet security company 360 jointly formed a technical team to conduct a comprehensive technical analysis of the case. 

By extracting many trojan samples from internet terminals of Northwestern Polytechnical University, with the support of European and South Asian partners, the technical team initially identified that the cyberattack on the university was conducted by the Tailored Access Operations (TAO) (Code S32) under the Data Reconnaissance Bureau (Code S3) of the Information Department (Code S) of US’ NSA.

TAO is the largest and most important part of the intelligence division of the NSA. Founded in 1998, the main responsibility of TAO is to use the internet to secretly access insider information of its competitors, including secretly invading target countries’ key information infrastructure to steal account codes, break or destroy computer security systems, monitor network traffic, invade privacy and steal sensitive data, and gain access to phone calls, emails, network communications and messages.

The various departments of TAO are composed of more than 1,000 active military personnel, network hackers, intelligence analysts, academics, computer hardware and software designers, and electronics…

Network evidence for defensible disclosure


What do you do if (or when) your team discovers a breach of your digital assets?

To answer this question, we first need to familiarize ourselves with the term “defensible disclosure.” It’s not an expression often heard in cybersecurity, but understanding what it means and how to live up to its expectations is crucial in an age where organizations regularly handle intrusions and, sometimes, suffer breaches. 

Turning back the clock to 1985, an early example of the phrase outside of the cybersecurity landscape appears in the Proceedings of the Bureau of the Census First Annual Research Conference, with further appearances in statistical, medical, legal and financial communities. For the past 20 years, the idea of defensible disclosure has also been popular in the computer incident response community. However, the specific phrase is fairly new to cybersecurity.  

In the context of cybersecurity, defensible disclosure is the process of notifying constituents of an intrusion or breach in a manner that the disclosing party can competently and intelligently justify. Forensic investigators have to determine whether the security incident was an intrusion, or a more serious data breach. We define intrusions as policy violations or computer security incidents. A breach, by contrast, means the cybercriminal has escalated the intrusion to the point where he or she has ready access to, or has already accessed, information to which he or she should not have access.    

The role of network evidence in defensible disclosure 

Network evidence plays a crucial role in defensible disclosure. Assuming proper positioning and avoidance of packet drops, network evidence is a reliable record of the activity that it sees. Extensive stores, meaning several months, not several days, of high fidelity network data help chief information security officers (CISOs) and their computer incident response teams gather crucial details to enable defensible disclosure.   

Security teams must determine when the intrusion started and (possibly) ended, as well as its full scope. A thorough investigation should also look into whether the intruder accessed data stores that held, or may have held,…

Exclusive: Five Eyes alliance fabricating evidence, building rumors of China infiltration: source


The Five Eyes Alliance Photo: VCG

The Five Eyes Alliance is collecting and fabricating evidence that intends to show China is “infiltrating politically into Western countries,” with the aim of tarnishing China’s image in the world, the Global Times learned from a source close to the matter. 

Analysts said this is not the first time that the Five Eyes have conspired to target China and other countries. As an alliance designed for intelligence sharing, it has been conducting covert or overt operations like theft, interference, infiltration, subversion and coercion. The Five Eyes alliance is not so much an intelligence-sharing group as an anti-China club.

The Global Times learned that intelligence agencies in the Five Eyes willfully interrogate and harass Chinese students and scholars on questionable or no grounds at all. Some even approach Chinese communities and pressure them to become agents for the Eyes. Although the Eyes are not so sharp at telling the truth from falsehood, they are adept at meddling in the internal affairs of China, among other countries in the world.

In Hong Kong, the consulates of these countries have become the headquarters and command of interference and subversion where their consular officials reached out to anti-China forces and separatists to incite violence by providing financial support and training, the source said. 

The alliance has been obsessed with making up cases of China’s “espionage” and “infiltration” merely based on shoddy intelligence. In 2020, Australian spy authorities raided New South Wales state legislator Shaoquett Moselmane’s home for alleged links with China. But the cited political influence in Australia on behalf of China was never proven by evidence. 

In recent years, the Five Eyes alliance has also been stepping up its efforts to steal from and attack other countries in the area of cybersecurity.

The latest report from Anzer, a cybersecurity information platform, showed that the US military and government cyber agencies have remotely stolen more than 97 billion pieces of global internet data and 124 billion phone records in the last 30 days, which are becoming a major source of intelligence for the US and other “Five Eyes” countries.

The…
