Archive for the “Computer Security” Category

Yesterday, my BreachBytes co-author Andy wrote about the rise of organized crime in cybersecurity. It is an interesting and alarming trend that we have been discussing for quite some time at Packet Analytics. I have been watching a few developing stories on another trend in the hacker community: hacktivism. The Register reported yesterday on the RIAA website’s recent defacement problems and on the Church of Scientology’s DoS problems. Just this morning Reuters has a blurb about purported cyberattacks aimed at Panama by US hackers angry with the election of Pedro Miguel Gonzalez as the president of the Panamanian legislature (Gonzalez is a murder suspect in the US).

Reading, research and personal experience have led me to believe that modern hackers (I am not including whitehat hackers here — that’s another post) are motivated in one of three ways:

  1. Bragging rights (traditional hackers, script kiddies)
  2. Money (organized crime, identity thieves, scammers)
  3. Ideology (hacktivists, spies)

(more…)


Computer security is not a static field. Some people call it job security; others call it life with a beeper that always goes off at the wrong time. However, for a dynamic field, the nature of the threats doesn’t seem to change that much. Back in the day, Script Kiddies earned their name and most were only interested in defacing web sites. Today, these same attacks are coming from a much more educated group, working in unison, to obtain personal information or achieve monetary goals. To compound the issue, technology is always changing. Our users demand these technologies in the name of productivity (I hear a lot of the world’s major issues have been solved with BitTorrent), but early adopters usually get rewarded with the latest zero day attack. The one thing that hasn’t seemed to advance is the savvy of our end users. Phishing and email scams continue to grow because they continue to work.

(more…)


Microsoft has launched a highly technical blog to disseminate vulnerability information to security researchers and practitioners on Patch Tuesdays. While they have been sharing information about vulnerabilities and patches on Patch Tuesdays, there has not been this level of technical depth available until now.

The blog’s tagline is as follows:

“Information from Microsoft about vulnerabilities, mitigations and workarounds, active attacks, and other related guidance and information.”

As an example of the type of posts on the site, one post has a PCAP file used to show the pre-patch states of SMBv2 network traffic. This packet data can easily be used to identify unpatched computers on the network using an intrusion detection system like Snort.

(more…)
