ClearSky Cyberdefense Forum

Kaspersky: Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media.Second: we’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.

http://eugene.kaspersky.com/2012/10/16/kl-developing-its-own-operating-system-we-confirm-the-rumors-and-end-the-speculation/

Zero-day vulnerabilities and exploits dominate headlines and most heated information security discussions. In truth, however, there are relatively few of these attacks hitting a small number of hosts, according to new research on the subject.

The reason zero days eat up so much bandwidth is because of their effectiveness in compromising targets and avoiding detection. Researchers Leyla Bilge and Tudor Dumitras of Symantec Research Labs looked at period of malware activity on a host of Symantec detection platforms from 2008 to 2011 and quantified the window of exposure organizations face from attacks that are active before vulnerabilities are publicly disclosed.

Link To The Study : http://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf

Click to access Microsoft_Security_Intelligence_Report_Regional_Threat_Assessment_Israel.pdf

The hackers behind recent disruptions of U.S. bank websites this week launched a new wave of attacks.

The attacks were previewed Monday in a Pastebin post from Izz ad-Din al-Qassam Cyber Fighters, which promised to attack Capital One (Tues.), SunTrust Banks (Wed.), and Regions Financial (Thurs.), beginning at 2 p.m. British Time each day, and lasting for eight hours.

http://www.informationweek.com/security/attacks/hackers-launch-new-wave-of-us-bank-attac/240008917

WASHINGTON — The U.S. military now has the ability to trace a cyberattack back to its source and mount pre-emptive operations when an impending assault is detected, Defense Secretary Leon Panetta declared Thursday.

http://www.stripes.com/news/us-can-trace-cyberattacks-mount-pre-emptive-strikes-panetta-says-1.192789

Cyberattackers who disrupted the websites of U.S. banks over the last two weeks used a highly sophisticated toolkit — a finding that points to a well-funded operation, one security vendor said on Monday. Prolexic Technologies said the distributed denial of service (DDoS) toolkit called itsoknoproblembro was used against some of the banks which included Wells Fargo, U.S. Bank,  PNC Bank, Bank of America and JPMorgan Chase. Each of the banks was struck on separate days.

http://www.networkworld.com/news/2012/100112-expert-fingers-ddos-toolkit-used-262946.html

In the most recent attacks, the traffic coming in was the equivalent to about 65 gigabytes per second, Smith says. “A typical DDoS attack waged by a hacktivist group looks much different than what we saw here,” he says. “You would expect less than 1 gbps [gigabyte per second] of attack traffic for the average hacktivist, and would expect peaks up to, maybe, 2 gbps.”

http://www.bankinfosecurity.com/new-bank-attacks-expected-today-a-5155/op-1

Hackers linked to China’s government broke into one of the U.S. government’s most sensitive computer networks, breaching a system used by the White House Military Office for nuclear commands, according to defense and intelligence officials familiar with the incident.

http://freebeacon.com/white-house-hack-attack/

and the result : 

President Barack Obama on Friday took the rare step of blocking foreign investment in a U.S. company, invoking national-security concerns to prevent a firm owned by two Chinese nationals from acquiring four wind-farm projects in Oregon.

http://newsfeedresearcher.com/data/articles_b40_2/president-obama-national.html#hdng0

Russia’s top officials have been unnerved by the idea that data collected and stored for years in Google databases could slip into the hands of the US government and expose some of their most secret and sensitive communications.

Similar fears have already driven other expensive military projects with rewards for the masses that come primarily as an afterthought.

One such invention is GLONASS — a rival of the Global Position System (GPS) meant to help generals train their missiles on targets without relying on a US system that could be shut down as a precaution at any point.

http://www.securityweek.com/russia-unveils-secure-android-tablet-keeps-data-away-google

RasGas, the second largest producer of Qatari LNG after Qatar Petroleum, has been hit with an “unknown virus” which has taken the company offline. A RasGas spokesperson confirmed that “an unknown virus has affected its office systems” since Monday 27 August.

http://www.arabianbusiness.com/cyber-attack-takes-qatar-s-rasgas-offline-471345.html

A new academic study has set out to illuminate for the first time the size and structure of the Chinese online underground, and found it affected nearly a quarter of the country’s internet users last year and cost the economy over 5 billion yuan (£500m).

Investigating China’s Online Underground Economy was put together by researchers at California University’s Institute on Global Conflict and Co-operation to highlight the scale and sophistication of China’s cyber black market and to aid global collaboration efforts against hi-tech crime.

To calculate these figures, the report used stats provided by the major local security vendors, court room documents detailing high profile cases and messages from the underground markets themselves which were relatively easy to track down on certain public web platforms.

Link to the research : http://igcc.ucsd.edu/assets/001/503677.pdf

http://www.theregister.co.uk/2012/08/18/baidu_tencent_used_by_chinese_cyber_crims/