ClearSky Cyberdefense Forum

Kaspersky: Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media.Second: we’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.

http://eugene.kaspersky.com/2012/10/16/kl-developing-its-own-operating-system-we-confirm-the-rumors-and-end-the-speculation/

Zero-day vulnerabilities and exploits dominate headlines and most heated information security discussions. In truth, however, there are relatively few of these attacks hitting a small number of hosts, according to new research on the subject.

The reason zero days eat up so much bandwidth is because of their effectiveness in compromising targets and avoiding detection. Researchers Leyla Bilge and Tudor Dumitras of Symantec Research Labs looked at period of malware activity on a host of Symantec detection platforms from 2008 to 2011 and quantified the window of exposure organizations face from attacks that are active before vulnerabilities are publicly disclosed.

Link To The Study : http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf

Click to access Microsoft_Security_Intelligence_Report_Regional_Threat_Assessment_Israel.pdf

The hackers behind recent disruptions of U.S. bank websites this week launched a new wave of attacks.

The attacks were previewed Monday in a Pastebin post from Izz ad-Din al-Qassam Cyber Fighters, which promised to attack Capital One (Tues.), SunTrust Banks (Wed.), and Regions Financial (Thurs.), beginning at 2 p.m. British Time each day, and lasting for eight hours.

http://www.informationweek.com/security/attacks/hackers-launch-new-wave-of-us-bank-attac/240008917

WASHINGTON — The U.S. military now has the ability to trace a cyberattack back to its source and mount pre-emptive operations when an impending assault is detected, Defense Secretary Leon Panetta declared Thursday.

http://www.stripes.com/news/us-can-trace-cyberattacks-mount-pre-emptive-strikes-panetta-says-1.192789

Cyberattackers who disrupted the websites of U.S. banks over the last two weeks used a highly sophisticated toolkit — a finding that points to a well-funded operation, one security vendor said on Monday. Prolexic Technologies said the distributed denial of service (DDoS) toolkit called itsoknoproblembro was used against some of the banks which included Wells Fargo, U.S. Bank,  PNC Bank, Bank of America and JPMorgan Chase. Each of the banks was struck on separate days.

http://www.networkworld.com/news/2012/100112-expert-fingers-ddos-toolkit-used-262946.html

In the most recent attacks, the traffic coming in was the equivalent to about 65 gigabytes per second, Smith says. “A typical DDoS attack waged by a hacktivist group looks much different than what we saw here,” he says. “You would expect less than 1 gbps [gigabyte per second] of attack traffic for the average hacktivist, and would expect peaks up to, maybe, 2 gbps.”

http://www.bankinfosecurity.com/new-bank-attacks-expected-today-a-5155/op-1

Hackers linked to China’s government broke into one of the U.S. government’s most sensitive computer networks, breaching a system used by the White House Military Office for nuclear commands, according to defense and intelligence officials familiar with the incident.

http://freebeacon.com/white-house-hack-attack/

and the result : 

President Barack Obama on Friday took the rare step of blocking foreign investment in a U.S. company, invoking national-security concerns to prevent a firm owned by two Chinese nationals from acquiring four wind-farm projects in Oregon.

http://newsfeedresearcher.com/data/articles_b40_2/president-obama-national.html#hdng0