Category Archives: Cyberthreats

China’s Silent Warfare

From IntelliBriefs: The recent discovery of Chinese cyber warfare attacks on foreign computers, on communication computers of visiting dignitaries, and espionage activities to assist a friendly country in building weapons of mass destruction (WMDI) has refocused international attention on the developing spectrum of China’s military doctrine.

The Kyrgyzstan Cyber Attack That No One Is Talking About

From IntelFusion:

“A colleague alerted me a couple of days ago to a massive DDOS attack against Kyrgyzstan ISPs http://www.ns.kg and www.domain.kg which essentially shut them down on January 18, 2009. There are only 4 ISP providers for the entire country so this attack was clearly sending a message. Since the attacking IPs were Russian, and since the Russian government supports the current Kyrgyzstan President, I’m thinking that it’s a message to the opposition party.” …

Cyber News in December

These are some cyber news items I must read: from IntelFusion: Cyber Archive / from IntelliBriefs: Evolving Cybersecurity Faces a New Dawn

Chinese Hacker Methodology Flowchart

from IntelliBriefs:

The Dark Visitor blog

This Chinese hacker intrusion flowchart above, taken from Stuhack, clearly demonstrates Chinese hackers have developed a methodology to their attacks.
The first thing that popped into my head when I saw the chart was the Police song, “Murder by Numbers.”
Is this intrusion chart unique? Probably not. Could they have taken it from someone else? Sure.
As always, many thanks to Jumper for helping me to get the correct terminology. I really had some of them botched.

Top Five National Security Research Challenges/Opportunities for the Next Administration

From ZIA – “These are merely a reflection of my own opinions and biases, and I welcome additional suggestions in the comments or e-mail.

  1. Quantum Cryptography – Quantum computing will completely change all aspects of information technology; however, its deepest consequence for national security could be in cryptography.

The SANS Top 20 Internet Security Vulnerabilities

Four years ago, the SANS Institute and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities. Thousands of organizations used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services that led to worms like Blaster, Slammer, and Code Red have been on these lists.

This SANS Top-20 2005 is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, we have also included Cross-Platform Applications and Networking Products. The change reflects the dynamic nature of the evolving threat landscape. Unlike the previous Top-20 lists, this list is not “cumulative” in nature. We have only listed critical vulnerabilities from the past year and a half or so. If you have not patched your systems for a length of time, it is highly recommended that you first patch the vulnerabilities listed in the Top-20 2004 list.

We have made a best effort to make this list meaningful for most organizations. Hence, the Top-20 2005 is a consensus list of vulnerabilities that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; many other user organizations; and the SANS Institute. A list of participants may be found at the end of this document.

The SANS Top-20 is a living document. It includes step-by-step instructions and pointers to additional information useful for correcting the security flaws. We will update the list and the instructions as more critical threats and more current or convenient methods of protection are identified, and we welcome your input along the way.
This is a community consensus document — your experience in fighting attackers and in eliminating the vulnerabilities can help others who come after you. Please send suggestions via e-mail to top20@sans.org.

Source: The SANS Institute via Defense Tech