Tag Archive for: taken

New data shows China has “taken the gloves off” in hacking attacks on US

/in
Well, that whole thing clearly worked out well, didn't it?

Enlarge / Well, that whole thing clearly worked out well, didn’t it? (credit: JASON LEE/AFP/Getty Images)

Remember the good old days, when the US and China were supposedly working out new norms for the cybers, and China was going to stop all that hacking of US companies to steal intellectual property? It turns out the Chinese were just upping their hacking game, improving their operational security and penetration skills—learning from the methods of their Russian counterparts.

A recent example of that “island hopping” tactic is the “Cloud Hopper” hacking campaign, active since at least May of 2016. In October, DHS issued a new alert on the campaign, warning of a surge in activity by the campaign over the past few months. Cloud Hopper has been attributed to the threat group known as APT 10, aka Stone Panda—a hacking group that has been tied to the Chinese Ministry of State Security’s Tianjin Bureau.

Based on data from incident response companies gathered by the security software vendor Carbon Black, China is now the leading source of cyber-attacks. Of 113 investigations conducted by Carbon Black’s incident response partners in the third quarter of 2018, nearly half—47 in total—came from China or Russia.

Read 15 remaining paragraphs | Comments

Biz & IT – Ars Technica

North Carolina water utility ONWASA taken down by ransomware

/in

  1. North Carolina water utility ONWASA taken down by ransomware  SC Magazine

  2. Ransomware hits North Carolina water utility  StateScoop
  3. NC Water Utility Fights Post-Hurricane Ransomware  Dark Reading

    4. Full coverage

Ransomware – read more

Big Bad Hackers taken down – BlogHer (blog)

/in

BlogHer (blog)

Big Bad Hackers taken down
BlogHer (blog)
He created a botnet that stole data on 200 million occasions. M. Culbertson, 20. He's the brains behind Dendroid, malware for sale on Darkode that was supposed to steal and control data from Google Android. Clever name, too: “Dend” refers to branching

and more »

android botnet – read more

Black “mirror”: SourceForge has now taken over Nmap audit tool project [Updated]

/in

SoureForge has sworn off its ways of wrapping “unmaintained” code from open source projects in installers that offer bundled commercial products in the wake of objections raised by some open source communities. But one policy remains in effect—the takeover of project pages SourceForge’s staff decides are inactive, and assignment of ownership of those projects to staff accounts. One of the latest projects grabbed in this way is the Nmap security auditing tool.

The practice of reassigning ownership was broadly exposed by SourceForge’s takeover of the project page for the Windows version of the GIMP image manipulation tool. While SourceForge staff claimed in a blog post that the project’s account had been abandoned, an official statement from the GIMP development team denied that SourceForge had contacted them about the account, saying that no permission had been given to SourceForge to take over maintenance of the project.

Something similar happened to Nmap, as its developer Gordon Lyon reported in an e-mail message to the project’s mailing list today. “The bad news is that Sourceforge has also hijacked the Nmap account from me,” Lyon, known as “Fyodor” in Internet discussions, wrote. “The old Nmap project page is now blank. Meanwhile they have moved all the Nmap content to their new page which only they control. So far they seem to be providing just the official Nmap files (as long as you don’t click on the fake download buttons) and we haven’t caught them trojaning Nmap the way they did with GIMP. But we certainly don’t trust them one bit! “

Read 8 remaining paragraphs | Comments


Ars Technica » Technology Lab