Monthly Archives: December 2012

Week in review: Malicious QR codes, Tor-powered botnet, and Mac users hit with SMS fraud

Here's an overview of some of last week's most interesting news, videos and articles:

Motives behind IT budget spend and 2013 cloud trends

A global survey of 550 CIOs, IT Directors, and senior I…

UK cops: How we sniffed out convicted AnonOps admin ‘Nerdo’

Hint: Sometimes gamer tags give the game away

Analysis of IRC logs and open source intelligence played a key role in the successful police prosecution that led to the conviction of a member of Anonymous for conspiracy to launch denial of service attacks against PayPal and other firms.…

Top 7 security predictions for 2013

A seismic shift in who controls the Internet? Another Mac malware outbreak? Your smart TV being hijacked for a DDoS attack? Whatever 2013 may bring, it’s sure to be an interesting year. Here’s F-Sec…

To the Rescue: A Fully Managed Distributed Denial of Service (DDoS) Protection Solution

With its hosting DNA, DOSarrest understands the challenges of dealing with a distributed denial of service (DDoS) attack in a data center. We know, for example, that for every minute your website is reeling from a DDoS attack, thousands – or even hundreds of thousands – of dollars can be lost in the form of missed sales and credibility with your customers. In addition to lost revenue, you risk future losses due to the negative impact on your search engine optimization (SEO) ranking caused by a prolonged outage – a penalty from which it can take months to recover.

To help avoid these problems, DOSarrest designed a cloud-based mitigation service that provides carrier-grade service and leaves your Web infrastructure intact. Because we created a multilayered defense system in each of our geo-distributed mitigation centers, we can handle the large Layer 2 and Layer 3 attacks all the way to the most sophisticated application layer incursions with relative ease.

Expecting the Unexpected

Given the relatively low barrier of entry for the committed attacker, a DDoS attack can be launched at any time for a variety of reasons, unbeknownst to the victim. Because of this uncertainty, we had to design a mitigation service that could be implemented within minutes. By using a distributed architecture, we can provide both DDoS protection and added website performance for our customers. But this distribution presented some challenges we had to overcome. Given that we broadcast our customers’ content from several locations between Europe and North America, we needed to know how each location was performing.

Ensuring Total Stability and Performance

To solve this problem we developed – and are now in the process of rolling out – DOSarrest External Monitoring Service (DEMS), a completely separate website monitoring service designed to ensure the highest degree of stability and performance for all the geographic regions from which we broadcast. Even some of the world’s largest content-delivery networks don’t supply this information to their customers.

With DEMS, we can provide the first fully managed DDoS protection service, backed by a team of engineers on duty 24/7/365 in our Security Operations Center, which is capable of detecting and thwarting an oncoming attack before it has any effect. Our philosophy is to resolve issues that may arise on the first call or e-mail from our customers. There are no auto-replies here, as an experienced engineer responds to every inquiry, normally within 10 minutes.

Jag Bains, CTO at DOSarrest Internet Security.

To read more about the InformationWeek DDoS Special Report, download it here: http://www.informationweek.com/gogreen/121112fs

4 Banks Respond to Distributed Denial of Service (DDoS) Threats

The day after Izz ad-Din al-Qassam Cyber Fighters announced plans to launch a second wave of distributed-denial-of-service attacks on five U.S. banks, SunTrust suffered intermittent outages and Bank of America and PNC said small numbers of their customers reported having trouble accessing their sites. But it remained unclear whether the problems were the result of an attack. U.S. Bank, which did not suffer any known outages or access issues, did, however, acknowledge that new attacks could be on the way.

On Dec. 11, PNC used social media to warn consumers that site outages should be expected, but that account and online-banking credentials would remain secure. And one expert was advising banks to expect the worst, saying Izz ad-Din al-Qassam Cyber Fighters’ second wave of attacks would likely be more fierce than the first.

The online-monitoring site websitedown.com reported that about noon ET on Dec. 11, SunTrust Banks’ website suffered intermittent outages. But SunTrust executives declined to comment on the nature of the outages.

BofA spokesman Mark Pipitone said that while BofA’s site suffered no overall outages, an isolated number of online-banking users reported problems accessing the site. “We’re aware of the reports of possible cyberattacks, and we’re monitoring our systems, which are fully operational,” Pipitone said in the early evening of Dec. 11.

PNC spokeswoman Amy Vargo said some PNC customers may have experienced intermittent difficulty logging in on their first attempts. “We are aware of the situation and working to restore full access,” she said during the early evening of Dec. 11. “We are focused on minimizing disruption to our customers and will review the cause of this incident once full access is restored.”

And U.S. Bank spokesman Tom Joyce told the Minneapolis/St. Paul Business Journal that the bank is “taking all necessary steps” to prepare for more attacks. “It’s important to note that these denial-of-service attacks are designed to slow down banks’ websites and create a nuisance for consumers,” Joyce said. “Customers can be assured that their data and funds are secure.”

The hacktivist group Izz ad-Din al-Qassam Cyber Fighters named SunTrust, U.S. Bancorp, JPMorgan Chase, Bank of America and PNC Financial Services Group as targets for its next wave of DDoS attacks. The group, in a Dec. 10 post on Pastebin, announced plans for what it portrays as “Phase 2 Operation Ababil” – a second campaign of attacks waged against leading U.S. banks to protest a YouTube movie trailer deemed offensive to Muslims.

All five banks were targets – along with Wells Fargo, Capital One, Regions Bank, BB&T and HSBC – during the first wave of DDoS attacks, which ran from mid-September to mid-October. During that period, each bank’s website suffered intermittent outages of varying degrees. CapOne was the only institution targeted twice in the first wave (see CapOne Takes Second DDoS Hit).

PNC’s Communications Stand Out

On Dec. 11, three of the five newly targeted banks were remaining quiet, declining to comment about the threat and steps they were taking, if any, to communicate with consumers about the expectation of more attacks. BofA acknowledged isolated reports from consumers who suffered difficulty logging in.

PNC, the only bank to publicly outline details surrounding the DDoS attack it suffered in the first wave, however, immediately took steps to notify the public of the possibility for a second attack. Through Dec. 11 posts on the social-networking sites Facebook and Twitter, PNC forewarned online-banking customers that outages should be expected.

“This potential threat could result in high volume of electronic traffic that may make it difficult for our customers to log onto online banking,” the bank stated on its Facebook page and website. “Please be assured that PNC’s website is protected by sophisticated encryption strategies that shield customer information and accounts. We have no information regarding timing, duration or intensity of this potential threat. Please continue to follow our page for additional updates.”

Fiercer Attacks Ahead?

Why these five banks have been targeted for a second attack is not clear. But John Walker, an independent security professional in London and member of the European Network and Information Security Agency’s security experts team, says banks should expect the new attacks to be more fierce than the first, as the hacktivists promised in their Dec. 10 post.

“By showing the game can be taken to ever-increasing levels starts to focus the mind of the victim organizations as to their frailty,” Walker says. “They [the hacktivists] are, I believe, demonstrating their power.”

Walker says banks learned valuable lessons during the first wave, which will provide them with tools to better prepare this time around. But they should not be overly confident in their abilities to stave off outages.

“This style of attack has not even matured yet, and there is more to come,” he says. “The time has arrived for … more techno-savvy security – and more honesty in the boardroom – as to real-time security exposure before the event, not just after it has impacted the business.”

Source: http://www.bankinfosecurity.com/webinars/new-wave-ddos-attacks-how-to-prepare-respond-w-308

Researchers uncover Tor-powered Skynet botnet

Rapid7 researchers have recently unearthed an unusual piece of malware that turned out to be crucial to the formation of an elusive botnet – dubbed Skynet by the researchers – whose existence has been…

U.K. hacker convicted for taking part in Anonymous attacks

22-year-old Christopher Weatherhead from Northampton, U.K., was convicted on Thursday on one count of conspiracy to impair the operation of computers for his involvement in the DDoS campaign agai…

British student found guilty of Anonymous PayPal Distributed Denial of Service (DDoS) Attacks

A British student has been convicted over his role in a series of denial of service attacks against PayPal, which cost the payment firm £3.5m. Christopher Weatherhead was part of an Anonymous gang that attacked PayPal in protest at the firm’s decision not to handle payments being made to whistle-blowing website Wikileaks, in an attack dubbed ‘Operation Payback’.

According to multiple reports, the jury hearing the case took little more than two hours to reach their guilty verdict. Three other members of the gang had already pleaded guilty but Weatherhead had argued he had not taken part in the attacks, claiming his role had been limited to operating Anonymous chat rooms. The judge presiding over the case, Peter Testar, told the defendants that he regarded the offences as serious.

Weatherhead, who was a student at Northampton University at the time of the attacks, was found guilty under the Criminal Law Act 1977, and could face jail time as a result of the guilty verdict. The Metropolitan Police arrested five youths in 2011 in connection with Operation Payback, while other suspected members were arrested by the Dutch authorities.

Operation Payback had initially begun as a protest against the music industry’s anti-piracy stance, but the focus changed after Wikileaks published a series of leaked diplomatic memos. Several financial services firms including PayPal, MasterCard and Visa withdrew services from Wikileaks, and as a result drew the ire of the Anonymous activists.

Source: http://www.v3.co.uk/v3-uk/news/2230251/british-student-found-guilty-of-anonymous-paypal-ddos-attacks

Gameover gang uses Cutwail botnet to swell its own

The hackers behind the Gameover variant of the popular Zeus banking Trojan have rented the massive Cutwail botnet in order to send out millions of fake emails carrying the malware, warns Dell SecureWo…
