At a recent presentation at Shmoocon, security researcher Cris "SpaceRogue" Thomas discusses the results of his "CyberSquirrel 1" project, which monitors animal-related infrastructure outages. His assessment? The squirrels are winning.
574 days since Hillary declared she would run, and 2 days left for the frontrunner and all of us till election day. While the world watches e.g. [Guardian] [RTE] [Denmark] [Russia] [Sweden (lonely)] and [France], analyses, reacts, or organizes election parties [Australia] [New Zealand], the polls bounce around but generally favor Hillary, the UK bookies, other odds and an increasingly angry Nate also still favor Hillary, and Politico only sees three narrow paths to victory for Donald. Meanwhile, the Democrats get the vote out, it's not been the best of years for Trump's New Jersey chum (also November 10th 2015), there are fears of an election "cyber attack", political phrases are becoming fatigued, celebrity social media remains divided, Mr Kaine duets with Mr Bongiovi, and Hillary and Donald (in Reno) near the end.
Following on from this recent post regarding the Hatton Garden heist with a value thought to be in the region of £35M (~$50M US) comes another bank heist - this time on an altogether much larger scale. Last month hackers thought to have utilised run-of-the-mill script kiddie malware breached weak security controls at the Central Bank of Bangladesh. Multiple transfer requests totalling nearly $1 billion were then sent to the Federal Reserve Bank of New York, allowing $81 million to transfer before one of the routing banks, Deutsche Bank, queried with CBB after noticing a spelling mistake on a fake end party: Sri Lankan NGO Shalika Fandation, not Foundation. Bank Chairman Atiur Rahman has unsurprisingly quit after trying to hide the loss from the Government and Board of Directors until the story leaked to a newspaper in the Philippines.
Walk around South Africa online with Google Street View. Safari means journey in Swahili. See some of the wildlife in Kruger National Park, meander along the top of Table Mountain, around the Kirstenbosch Gardens or along Cape Town's beautiful beaches. There are some people who can never afford to physically come to South Africa and see these places in their lifetime, and hopefully this will give them the opportunity to experience it a little bit.
Hackers was a financial flop, but its hilariously over-the-top early CGI visuals, oddly prescient view on technology, and glam-cyberpunk aesthetic rendered it a cult classic. To honor its 20th anniversary—at a time dogged by newfound fears about what the future of technology holds—we thought it would be fitting to bring together a group of actual hackers to screen and discuss the film. - Hackers watch "Hackers"
It’s not often that one has the opportunity to be the target of a cyber and kinetic attack at the same time. But that is exactly what’s happened to me and my Web site over the past 24 hours. On Thursday afternoon, my site was the target of a fairly massive denial of service attack. That attack was punctuated by a visit from a heavily armed local police unit that was tricked into responding to a 911 call spoofed to look like it came from my home. Well, as one gamer enthusiast who follows me on Twitter remarked, I guess I’ve now “unlocked that level.” ~ KrebsonSecurity
A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
Science fiction always uses it in varying degrees. Some believe it will bring about a perfect Technological Utopia: Heaven on Earth. Some believe it will herald a dark and dystopian future. Perhaps it will elevate man to a being that is more than human; Human+ and permanently and irrevocably transform the human condition, and still others believe that too much involvement in it will void your existence. Some religions totally depend on it and others find it harder to deal with: The list of emerging technologies.
Jerry Brito and Tate Watkins of George Mason University published a new paper "Loving the Cyber Bomb? The Dangers of Threat Inflation in Cybersecurity Policy" examining the parallels with the US military's other recent exaggerations. "Cybersecurity is an important policy issue, but the alarmist rhetoric coming out of Washington that focuses on worst-case scenarios is unhelpful and dangerous. Aspects of current cyber policy discourse parallel the run-up to the Iraq War and pose the same dangers. Pre-war threat inflation and conflation of threats led us into war on shaky evidence. By focusing on doomsday scenarios and conflating cyber threats, government officials threaten to legislate, regulate, or spend in the name of cybersecurity based largely on fear, misplaced rhetoric, conflated threats, and credulous reporting. The public should have access to classified evidence of cyber threats, and further examination of the risks posed by those threats, before sound policies can be proposed, let alone enacted. ... No one wants a “cyber Katrina” or a “digital Pearl Harbor.” But honestly assessing cyber threats and appropriate responses does not mean that we have to learn to stop worrying and love the cyber bomb."
An Accelerated Grimace. Chris Lehmann takes down Clay Shirky's cyber-utopianism by way of Evgeny Morozov.
The recent cyber attacks on pro-Tibet groups in the U.S. (attack details, technical data) and on the Save Darfur Coalition, among others, have managed to catch the attention of some in the mainstream media. Such super-targeted spear phishing attacks have been on the rise for several years, and have become an important tool for corporate espionage and military infiltration attempts. Teaching users to recognize such attack emails is probably the most effective deterrence, as technology solutions have been shown to not be particularly effective. Some companies and government agencies even conduct sting operations to ferret out which internal users fail the test, targeting them for additional training.
Cannes Cyber Lions Winners: Come Clean and Super Bonder Instant win the Grand Prix, but that's old news on the blue.