'Two weeks' to block cyber-attack

[Stuart]

Quote:

Originally Posted by Ignitionnet

Android smartphones. What, you thought that you were the only person who wanted to root your phone?

Phones are the obvious target. Android phones currently attract the most malware, but while Apple is currently doing a good job of protecting non-jailbroken iOS devices, there's no guarantee they'll continue to be able to do so, so iOS devices are also a potential target.

Quote:

Smart TVs are pretty disinteresting as they don't hold any private data and aren't really used to do anything that involves it.

I think Smart TVs would only really be of any use if you wanted to spy on the owners (most seem to have webcams and microphones now), you wanted to send out a lot of spam, to sniff out (and infect) computers with ports open that may be blocked by the router's firewall or to act as very slow bitcoin miners.

---------- Post added at 09:55 ---------- Previous post was at 09:47 ----------

Quote:

Originally Posted by Hugh

Unfortunately, security has to be easy/simple to use for the lay/less experienced user.

I use to work for a major Financial Services company, and we encrypted all laptops (this was in 2003) - the number of times the Chairman or the CFO would lock themselves out (once or twice a week).

I think security also has to be appropriate for purpose. What I mean by this is what is there any point in spending the time and money (if needed) to set up a decent security system if all you are going to do on the computer is go on facebook or twitter from time to time and not store any sensitive data beyond photos of the owner falling around drunk in some sunny party island.

[qasdfdsaq]

Quote:

Originally Posted by Stuart

or to act as very slow bitcoin miners.

Lol.

Quote:

sensitive data beyond photos of the owner falling around drunk in some sunny party island.

Some people could use said pictures as blackmail..

[Qtx]

Quote:

Originally Posted by Stuart

I think Smart TVs would only really be of any use if you wanted to spy on the owners (most seem to have webcams and microphones now), you wanted to send out a lot of spam, to sniff out (and infect) computers with ports open that may be blocked by the router's firewall or to act as very slow bitcoin miners.

Looks like any internet connected tv, smart or not, can be abused for DDoS or other uses en-mass via the Hybrid Broadband protocol standard most new tv's have implemented. It's basically like HTML for the tv that does the red button type graphic displays and such. Cheap bit of radio transmitting hardware attached to your latop lets you broadcast your malicious code to all the tv's in the surrounding area. An interesting read: From the Aether to the Ethernet –
Attacking the Internet using Broadcast Digital Television

[Ignitionnet]

Well the Internet hasn't ended...

[qasdfdsaq]

That's what they want you to think

It went down briefly, but they failed over to a synchronous image........

[qasdfdsaq]

They should have used VMWare Fault Tolerant mode, which keeps both CPUs in lockstep not just the disk image.

[Ignitionnet]

Latency was too high.

[qasdfdsaq]

Still better than ending the internet, even if only briefly.

[Qtx]

Gameover ZeuS botnet pulls dripping stake from heart, staggers back from the UNDEAD

Quote:

The Gameover ZeuS malware is back from the dead just six weeks after a takedown operations that aimed to put a stake through the heart of the botnet, which is linked to the even more infamous CryptoLocker ransomware

Quote:

Some features of the old version have been dropped, including parts that were supposed to make it more sophisticated, in a move towards greater simplicity. In particular, the latest variant of the malware swaps P2P for fast-flux communication.

The latest variant of the malware tries phoning home to 1,000 domain names per day in order to receive command-and-control instructions. The crooks seem to be leaving it until the last minute to register domains they intend to use, according to an analysis of the latest variant by James Wyke, a senior threat researcher at Sophos.

The domain registering trick is at least 5 years old, if not older. Going back to basics and hope the algorithm for domain name generating doesn't get figured out.

Quote:

Fast Flux is a technique that allows a criminal who controls many servers to obfuscate the true location of his server by building a tiered infrastructure.

[Qtx]

Quote:

Researchers Dave Loftus and Dennis Schwarz found the bot, now reborn as newGOZ, had ramped up its defences, dumping command and control for a more robust domain generation algorithm (DGA) and a fast flux DNS technique.

The DGA registered new domains based on time and date to make the bot more elusive.

However, researchers from across the security industry have been able to crack the DGA configurations and register the domains before newGOZ had a chance to do so, meaning the researchers would receive – and thus be able to study – traffic from compromised machines.

New article shows that botnet is up to 12k zombies and still growing: http://www.theregister.co.uk/2014/08..._the_dead_as_/

[qasdfdsaq]

12k zombies isn't really that many, I've worked in places that have had 12k living...

[Qtx]

Looks like GCHQ/NSA etc have more innocent users as zombies than this botnet :P

http://www.theinquirer.net/inquirer/...enda-programme

One of the slides suggests they actually exploit the systems to have them ready for use hiding their attacks, rather then just having a list of vulnerable ones ready to exploit if needed. Either way, no difference between governments, hackers or crime-based botnet herders, except for the fact it's legal when one of them does it.