Posts Tagged ‘computers’

Stealthy Regin malware is a ‘top-tier espionage tool’ – CNET

Monday, November 24th, 2014

An advanced piece of malware, newly uncovered, has been in use since as early as 2008 to spy on governments, companies and individuals, Symantec said in a report released Sunday.

The Regin cyberespionage tool uses several stealth features to avoid detection, a characteristic that required a significant investment of time and resources and that suggests it’s the product of a nation-state, Symantec warned, without hazarding a guess about which country might be behind it. The malware’s design makes it highly suited for long-term mass surveillance, according to the maker of antivirus software.

“Regin’s developers put considerable effort into making it highly inconspicuous. Its low key nature means it can potentially be used in espionage campaigns lasting several years,” the company said in a statement. “Even when its presence is detected, it is very difficult to ascertain what it is doing.”

The highly customizable nature of Regin, which Symantec labeled a “top-tier espionage tool,” allows for a wide range of remote access Trojan capabilities, including password and data theft, hijacking the mouse’s point-and-click functions, and capturing screenshots from infected computers. Other infections were identified monitoring network traffic and analyzing email from Exchange databases.

Cyberespionage is a sensitive subject, often straining diplomatic relations between countries. The US and China have tussled for years over accusations of electronic spying. The US has accused China’s government and military of engaging in widespread cyberespionage targeting US government and business computer networks. China has denied the charges and accused the US of similar behavior targeting its own infrastructure.

Some of Regin’s main targets include Internet service providers and telecommunications companies, where it appears the complex software is used to monitor calls and communications routed through the companies’ infrastructure. Other targets include companies in the airline, energy, hospitality and research sectors, Symantec said.

The malware’s targets are geographically diverse, Symantec said, observing more than half of the infections in Russia and Saudi Arabia. Among the other countries targeted are Ireland, Mexico and India.

Regin is composed of five attack stages that are hidden and encrypted, with the exception of the first stage, which begins a domino chain of decrypting and executing the next stage. Each individual stage contains little information about the malware’s structure. All five stages had to be acquired to analyze the threat posed by the malware.

The multistage architecture of Regin, Symantec said, is reminiscent of Stuxnet, a sophisticated computer virus discovered attacking a nuclear enrichment facility in Iran in 2010, and Duqu, which has identical code to Stuxnet but which appeared designed for cyber espionage instead of sabotage.

Symantec said it believes that many components of Regin remain undiscovered and that additional functionality and versions may exist.

“Regin uses a modular approach,” Symantec said, “giving flexibility to the threat operators as they can load custom features tailored to individual targets when required.”

via Stealthy Regin malware is a ‘top-tier espionage tool’ – CNET.

Russia-linked hackers allegedly penetrated unclassified White House networks – Sun, surf and the NIST framework

Wednesday, October 29th, 2014

Hackers thought to be working for the Russian government recently penetrated the White House’s unclassified computer networks, the Washington Post reported late Tuesday citing unnamed sources. Countermeasures temporarily disrupted some users’ IT access, but the hackers did not get away with any vital information, the paper reported, adding that the U.S. was tipped to the intrusion by an ally.

A White House official confirmed to POLITICO that security personnel had discovered suspicious activity on unclassified networks but would not comment on the source of the intrusion. “In the course of assessing recent threats, we identified activity of concern on the unclassified [Executive Office of the President] network,” the official said. “In this case, we took immediate measures to evaluate and mitigate the activity. Our actions are ongoing, and some have resulted in some temporary outages and loss of connectivity for our users. Our computers and systems have not been damaged, though some elements of the unclassified network have been affected. The temporary outages and loss of connectivity for our users is solely the result of measures we have taken to defend our networks.”

Justice Department officials have also described computer outages in recent days, though it’s not clear if those are related to the White House outage.

via Russia-linked hackers allegedly penetrated unclassified White House networks – Sun, surf and the NIST framework – POLITICO Morning Cybersecurity.

Germany to Consider Typewriters to Protect From US Spying

Wednesday, July 16th, 2014


So far we have heard that the only solution to mass surveillance conducted by governments and law enforcement authorities is for every individual to use privacy tools and for every company to offer encrypted communication. But Germany says the only solution to guard against surveillance is – Stop using Computers!!

Ohh Please!! Is it a joke?

No, it does not mean that they are going to completely throw out all of their computer systems, but rather they would use it preposterous.

Ever since it came to light a year ago that German Chancellor Angela Merkel’s own personal mobile phone had been spied on by the U.S. National Security Agency (NSA) for years, surveillance has been a big issue for Germany. So big that prominent politicians are seriously considering using manual typewriters for sensitive documents instead of computers.

The head of Germany’s NSA Inquiry Committee, Patrick Sensburg, said in an interview with the Morgenmagazin TV show on Monday night that the government is seriously considering a low-tech solution to the ongoing espionage problem and to keep American eyes off of sensitive documents.

via Germany to Consider Typewriters to Protect From US Spying.

Microsoft to Patch Critical Internet Explorer Zero-Day Vulnerability Today!

Tuesday, June 10th, 2014


Today Microsoft released its Advance Notification for the June 2014 Patch Tuesday, announcing seven security bulletins that will address several vulnerabilities in its products. Two of the bulletins are marked critical and the rest are rated important in severity.

This Tuesday, Microsoft will issue Security Updates to address seven major vulnerabilities and all those are important for you to patch, as the flaws are affecting various Microsoft software, including Microsoft Word, Microsoft Office and Internet Explorer.


Bulletin one is considered to be the most critical one. It will address the zero-day Remote Code Execution vulnerability affecting all versions of Internet Explorer, including IE11 in Windows 8.1.

All server versions of Windows are affected by this vulnerability, but at a low level of severity, because by default Internet Explorer runs in Enhanced Security Configuration. Server Core versions of Windows Server do not include Internet Explorer, so they are not affected.

The vulnerability allows a remote attacker to execute arbitrary code using JavaScript, but so far, the zero-day flaw is not known to have been used in any attacks, according to Microsoft. “The Update for Internet Explorer addresses CVE-2014-1770, which we have not seen used in any active attacks.”

Microsoft has kept this critical Internet Explorer zero-day vulnerability hidden from all of us since October 2013, but last month the team at ‘Zero Day Initiative’ disclosed the vulnerability publicly when Microsoft failed to respond and patch the flaw within 180 days of receiving the details from a security researcher.

The second Bulletin addresses one or more flaws in both Windows and Office products. It is also a Remote Code Execution vulnerability and rated ‘Critical’ on all versions of Windows including Server Core; Microsoft Live Meeting 2007 Console and all versions of Microsoft Lync, excluding the Lync Server. The flaw is also rated ‘Important’ for Office 2007 and Office 2010.

These critical security updates are really important for users to patch and both the patches will require a restart after the installation of the new versions.


The remaining five bulletins will address one or more remote code execution vulnerabilities in Office, information disclosure bugs in Windows, information disclosure bugs in Lync Server, a Denial of Service (DoS) bug in all Windows versions since Vista, and a “tampering” vulnerability in Windows including Windows 7, 8.x and Server 2012.

Microsoft will not release any security update for its older Windows XP, unlike last month, when it provided an ‘out-of-band security update’ for Windows XP machines affected by the zero-day vulnerability.

Microsoft has stopped supporting the Windows XP operating system. So, if you are still running this older operating system on your PCs, we again advise you to move on to another operating system in order to receive updates and secure yourself from upcoming threats.

via Microsoft to Patch Critical Internet Explorer Zero-Day Vulnerability Next Tuesday – The Hacker News.

Hacking Cable TV Networks to Broadcast Your Own Video Channel (POC @ HITB)

Monday, May 26th, 2014


I was watching my favorite show on the television and it was just half over when I saw something which was definitely not a part of the show I was watching. My television screen went blank for a couple of seconds and then what I saw was totally unbelievable to my eyes.

It was my friend ‘Rahul Sasi’ on the television, and I was still wondering how he had interrupted a television show the way it happens in Sci-Fi movies, where someone hijacks a television or computer to deliver some kind of message or warning. Or like in some horror movies, in which ghostly images sometimes interrupt the television and suddenly come out. Oh my god!

But nothing like that happened in my case; my friend didn’t come out. Just a few minutes later I was redirected to the same show I was watching. I missed only a part of it, but never mind, I’ll watch it on YouTube later.

You might be thinking that I am kidding, but it’s true. My friend Rahul Sasi is a well known Indian security researcher, and founder of Garage4Hackers Forum. This was a surprise demonstration he gave me last weekend on “Hacking Your Cable TV Networks,” which he is going to present next week at the Hack In The Box (HITB) Security Conference in Amsterdam.

A year back, a similar attack was noticed by television viewers in Great Falls, Montana, when a hacker interrupted a television show with a message warning the viewers that “dead bodies are rising from their graves and attacking the living”. But this is going to be the first time that someone gives a live demonstration of hacking cable television networks.

For the last eight to nine months, Rahul has been working with a local cable TV network provider, where he discovered insecure implementations and weak architecture in the cable TV networks that could be abused by any potential hacker to carry out large scale attacks.

Unlike the Internet, television is a one-way medium. Suppose someone hijacks a cable TV network service provider and displays an emergency alert or a video stream stating that a riot has started in your nearby city. In reality it is only a hoax, perpetrated by as-yet unknown hackers, but it can cause enough panic among the people.

In the presentation, Sasi will demonstrate how a potential attacker can leverage the weakness in cable TV networks to hack various standards for broadcast transmissions, including Analogue Cable TV, DVB-C and IPTV.

He will perform a Man-in-the-Middle (MITM) attack on cable TV networks to capture and modify the channel frequencies.

via Hacking Cable TV Networks to Broadcast Your Own Video Channel.

China Bans Microsoft Windows 8 for Government Computers

Wednesday, May 21st, 2014



While the US government is always prohibiting the purchase of Huawei products due to suspected backdoors from the Chinese government, China also keeps itself totally apart from US products.

China is a bit famous for using its own operating systems, smartphone application services and lots more, rather than using US-developed operating systems, and now China has reportedly banned the installation of Microsoft Corporation’s latest operating system, Windows 8, on any of its government computers.

The Central Government Procurement Center issued a notice, posted on its website last week, prohibiting the use of Microsoft’s latest operating system. The reason behind it is to support the use of energy-saving products, the report said.

But the state news agency ‘Xinhua’ pointed out a different reason for the ban, saying the country wants to avoid again losing support for an operating system, as happened recently when support was pulled from the oldest operating system, Windows XP, which was widely used in China and is still estimated to be used on as much as half of the Chinese desktop market, the Chinese news agency claimed.

At the beginning of last month, Microsoft stopped providing support for its longest running and most successful operating system, the 13 year old Windows XP, despite the fact that it has been used more widely across the world than any other OS.

According to China’s Central Government Procurement Center, all the desktops, laptops, and tablets used by central state agencies must run on an OS other than Windows 8. “All computer products are not allowed to install [the] Windows 8 operating system,” reads the post on the center’s website.

The ban applies only to government offices; the market for personal computers remains unaffected. Microsoft has not yet responded to a request for comment on the issue.

via China Bans Microsoft Windows 8 for Government Computers.

End of support Windows XP – Top Questions – Microsoft Windows

Monday, April 14th, 2014

What exactly does end of support mean?

Why did Microsoft end support for Windows XP?

Will my computer still work without support?

Will I experience a loss of performance in running Windows XP without XP support?

I’ve heard that anti-virus companies will keep issuing updates after the deadline — will this keep me protected after April 8?

I read that Microsoft Security Essentials will no longer be available after April 8 — what does that mean?

Why are you discontinuing MSE but still making other add-ons (Bing, Windows Media Center, etc.) available for Windows XP?

I read somewhere that Google Chrome will continue to be updated after end of support for Windows XP. Will I be safe if I use Chrome instead of Internet Explorer when I go online?

Can’t I just update my software without getting a new PC?

If I have to update my PC, I want the closest thing to what I had.

I’m open to looking at some new PCs; what’s popular with Windows XP users?

I’ve heard that Windows 8 or 8.1 is different from what I’m used to.

Is it going to be hard to learn Windows 8.1?

If I get a new PC, what will happen to all the stuff on my old PC?

I’m not sure I understand everything. Is there someone I can talk to?

Can I get some help finding the right PC?

How expensive are new PCs?

What do I do with my old PC?

via End of support Windows XP – Top Questions – Microsoft Windows.