CIA details agency’s new digital and cyber espionage focus

It seems like it might be about 10 years too late to the party but come October 1, the Central Intelligence Agency will ad a new directorate that will focus on all things cyber and digital espionage.The CIA’s Deputy Director David Cohen to a Cornell University audience last week that once the new Directorate of Digital Innovation (DDI) is up and running “it will be at the center of the Agency’s effort to inject digital solutions into every aspect of our work. It will be responsible for accelerating the integration of our digital and cyber capabilities across all our mission areas—human intelligence collection, all-source analysis, open source intelligence, and covert action.”To read this article in full or to leave a comment, please click here

Why we raised $110m from Fidelity, Google, Microsoft, Baidu and Qualcomm

The past few years have been marked by tremendous growth for CloudFlare. At the time of our last fundraising in December 2012, CloudFlare was a team of 37 operating a network in 23 cities and 15 countries—today we number over 200 with a presence in 62 cities and 33 countries. We’ve grown from delivering 85 billion page views per month for 500 thousand customers to nearly 1 trillion each month across 4 million Internet properties, all the while protecting our customers from hundreds of billions of cyber threats. The growth and resonance of our service since CloudFlare’s founding 5 years ago is beyond our wildest of expectations, but it is only in the coming years that our scale and efforts to build a better Internet will become visible.

In 2016 alone we will more than double our global presence, increase the size of our network by an order of magnitude, and with that allow millions of new businesses and online publishers to accelerate and secure their online applications and harness the growing power of the Internet economy. Our service is built on the simple premise that any individual or business should be able to quickly and easily ensure the global Continue reading

Chip card reality check: Oct. 1 deadline termed a ‘soft incentive’

Despite an Oct. 1 deadline for U.S. merchants to accept secure chip-enabled credit and debit cards, experts believe it will take years for the conversion."Realistically, we should expect the adoption of chip cards in the U.S. to take a few years," said Avivah Litan, an analyst at Gartner who has been following the conversion for a decade, in an interview this week.Oct. 1 is the deadline for merchants to begin using newer point-of-sale terminals to accept chip cards. Meanwhile, banks are steadily sending chip cards to millions of customers as replacements for magnetic stripe cards. Chip cards are more secure than the older technology, and the U.S. is one of the latest countries to make the conversion.To read this article in full or to leave a comment, please click here

Hack iOS 9 and get $1 million, cybersecurity firm says

The market for unpatched vulnerabilities has grown so much that an exploit reseller is willing to pay US$1 million dollars for an attack that can compromise iOS 9 devices.Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who can provide it with an "exclusive, browser-based, and untethered jailbreak for the latest Apple iOS 9 operating system and devices."In the context of iOS devices, jailbreaking refers to bypassing the security restrictions enforced by the mobile operating system in order to install applications that haven't been authorized by Apple and are not distributed through the official app store.To read this article in full or to leave a comment, please click here

Cisco Intelligent WAN (IWAN)

cisco-logo

When I made a stab at defining SD WAN recently, I noted that Cisco’s IWAN solution had provided a bit of a contrast to some of the other Software Defined WAN solutions I’d seen; not in a bad way, but I was certainly interested in the approach.

SD WAN Definition

I’m going to “do a Joe Onisick” here and quote myself as a reference for what I might be hoping for from the Cisco IWAN solution:

“SD WAN is a solution that uses real time WAN link performance monitoring and data packet inspection to autonomously manage the distribution of network traffic across multiple, likely heterogenous, WAN links with the aim of improving and optimizing WAN performance in alignment with the business requirements.” – John Herbert

One thing my definition doesn’t mention is how these systems get deployed, and since that’s interesting, perhaps let’s start there.

IWAN Zero Touch Deployment

It seems to me that ZTD has become a checkbox requirement for all the SD WAN solutions, and perhaps it’s about time. Zero Touch Deployment in the context of SD WAN means being able to ship a box to a spoke site, have ‘Dumb Hands’ on site plug in the Continue reading

Worth Reading: Energy Prices and the Data Center

Energy is the biggest expense for data centers, and although efficiency improvements can help by reducing consumption, cost remains a critical factor in determining operating budgets. The recent crash in oil prices raises a number of questions about demand, but there’s more to the picture—especially for such a politically charged topic. via the data center journal

The post Worth Reading: Energy Prices and the Data Center appeared first on 'net work.

US, China appear close on cyber economic espionage deal

China and the U.S. appear close to a ground-breaking agreement on cyber espionage that could be signed later this week when President Xi and President Obama meet in Washington.On the eve of the state visit, both countries have expressed a desire to stop cyber espionage for economic gain and agreed it's illegal.But the two countries are still in disagreement over whether China's government plays any part in trans-national cyber hacking for economic purposes.On Monday, U.S. National Security Advisor Susan Rice said "cyber-enabled economic espionage must stop."During a speech in Washington, D.C., she said the issue was more than an irritation and "puts enormous strain on our bilateral relationship and it is a critical factor in determining the future trajectory of U.S.-China ties."To read this article in full or to leave a comment, please click here

Catalyst 3750 IPv6 ACL Limitations

I recently ran into some limitations of IPv6 ACLs on the Catalyst 3750 platform. I had developed an ACL to protect from receiving traffic from unwanted address ranges such as ::, ::1, ::FFFF:0:0/96. The first address is the unspecified address, the second one is the loopback address and the last one is IPv4 mapped traffic. The ACL also contained an entry to deny traffic with routing-type 0.

Note that no error is output when adding the entries in the ACL, only when applying the ACL to an interface.

% This ACL contains following unsupported entries.
% Remove those entries and try again.
    deny ipv6 any any routing-type 0 sequence 20
    deny ipv6 host ::1 any sequence 290
    deny ipv6 host :: any sequence 310
    deny ipv6 ::FFFF:0.0.0.0/96 any sequence 330
% This ACL can not be attached to the interface.
SW1(config-if)#
%PARSE_RC-4-PRC_NON_COMPLIANCE: `ipv6 traffic-filter v6-ACL-IN in'

From the configuration guide, the following limitations apply to the Catalyst 3750 platform.

Cat3750

What this means is that we can’t match on flowlabel, routing-header and undetermined transport upper layer protocol. We also need to match on networks ranging from /0 to /64 and host addresses that are belonging to global unicast Continue reading

Memo to Carly: HP is shifting more work offshore

Carly Fiorina, surging in the polls thanks to her performance in the Republican presidential debate last week, is not to be underestimated or believed.Fiorina was crisp, sharp and quick in the debate -- all characteristics that helped her become Hewlett-Packard's CEO from 1999 to 2005. But she also used her opportunity before a national audience to distort her history at HP by omitting key facts.[ Get the latest tech news with Computerworld's daily newsletters ] "Yes, we had to make tough choices, and in doing so, we saved 80,000 jobs, went on to grow to 160,000 jobs. And now Hewlett Packard is almost 300,000 jobs," said Fiorina, during the debate.To read this article in full or to leave a comment, please click here

Samsung teams with Sectra to secure mobile phones for governments

Sectra Communications is working with Samsung Electronics to integrate its Tiger/R end-to-end hardware encryption system with the phone maker's Knox mobile security platform to create smartphones secure enough to carry government secrets. The market is a lucrative one: Another company, Secusmart, has won over several government organizations in recent years with a BlackBerry smartphone equipped with a microSD encryption module. The combination, costing around €2,000 (US$2,250), is approved by the German government to carry Restricted-level voice and data traffic. Restricted is one of the lowest ratings for government secrets. Sectra and Secusmart both use additional hardware in the form of a microSD card to assist in the encryption process and to protect encryption keys. While Secusmart's system will encrypt calls and data stored on the phone, Sectra's encrypts only voice traffic and text messages.To read this article in full or to leave a comment, please click here

Peeking at Pkybot

For the past few months ASERT has been keeping an eye on a relatively new banking malware (“banker”) known as “Pkybot”. It is also being classified as a variant of “Bublik”, but the former is much more descriptive of the malware. This post will take a peek at some of the bits and pieces of […]

Peeking at Pkybot

For the past few months ASERT has been keeping an eye on a relatively new banking malware (“banker”) known as “Pkybot”. It is also being classified as a variant of “Bublik”, but the former is much more descriptive of the malware.

This post will take a peek at some of the bits and pieces of Pkybot and the campaign using it. The visibility provided can help organizations better understand, detect, and protect against this current threat.

Sample

One of the recent samples analyzed by ASERT has the following hashes:

MD5: 9028d9b64a226b750129b41fbc43ed5e

SHA256: 38eb7625caf209ca2eff3fa46b8528827b7289f1

At the time of this writing it has a VirusTotal detection ratio of 16/57 with just about all the detections being generic in nature. One positive for reverse engineers though is that this sample comes unpacked.

Pkybot

While there’s been some research into the malware already [1] [2], a review and fleshing out never hurts.

Encrypted Bits

Pkybot contains a number of interesting items that are encrypted with the XTEA encryption algorithm. The key used is generated at runtime from a hardcoded seed value (DWORD):

key_gen

It can also be generated using this Python code snippet. Along with the generated XTEA key, this IDA Continue reading

India withdraws draft encryption policy following controversy

The Indian government has withdrawn a controversial draft encryption policy, with a minister stating that the document was not the final view of the government.Under the policy, consumers would have been required to store the plain texts of encrypted information for 90 days from the date of a transaction and provide the text to law enforcement agencies when required under the laws of the country. The government would have also specified the algorithms and the length of the encryption keys used by different categories of people.The policy was largely seen as meeting the need for access to information by law enforcement agencies, and included similar restrictions on business users as well. It also called for Internet services providers to enter into unspecified agreements with the government.To read this article in full or to leave a comment, please click here

1 3,323 3,324 3,325 3,326 3,327 3,852