Paranoid Technology All things cybersecurity


Wanna Cry?!!! We do…

The cyber-attack that happened earlier this week reminded us of the questions posed in our March post – Initial Thoughts on Wikileaks Vault 7 Leak Series:

This wikileak points to increasing erosion of public safety - despite having these tools at hand, world governments (US, UK, Germany) continue to push for encryption back doors. Equation Group’s leak (NSA) late 2016 and this latest CIA leak once again prove all organizations have their OpSec issues - the three letter agencies are themselves at risk; backdoors, once discovered, work just as well for foreign spies, cyber-criminals and script kiddies.  Who is protecting the innocent? “

Apparently no one… Is the NSA going to step up and accept responsibility? Maybe if hell freezes over – “Cannot either deny or confirm the existence of these weapons…” Well, everybody else did – who cares if you do or don’t?!!

Interestingly, even Chinese state media called for the NSA to take some responsibility, how ironic… Like they should be talking…


Drones may be the Next Target for Hackers!

captured-us-droneIn December 2011 Iran National TV aired views of a RQ-170 Sentinel claiming that they hacked the ultra secret surveillance drone; researchers questioned Iran's capability to accomplish such a complicated task, the U.S. government immediately denied the incident. Granted Iran might have obtained "external guidance" in bringing the drone down, but it is now proven that this type of hack is quite plausible.

As a result drone manufacturers are scrambling to make drones immune to such attacks by use of unpredictability, GPS independent guidance / mission control systems... This is a very hot topic because the whole war strategy is now shaping around Low Intensity Conflicts (LIC) and drone warfare... Without drones delivering strategic blows this strategy will fail in the long term.;)

In the civil arena - now there are talks of commercial drones filling up the skies - FAA authorized the use of commercial drones and the testing will soon start in the second quarter of 2014.

Of course the threat level of a military drone being hijacked and a commercial drone being hijacked is two separate issues - but regardless of military or commercial; drones raining down on our heads is still not a happy thought.


Akamai’s State of the Internet Report

A third of all cyber attacks originated from China during the third quarter of 2012, according to a report by Akamai.

Akamai found that the second leading country for cyber attacks was the US. Russia was reported to have come in a distant third. The statistics come from Akamai's quarterly State of the Internet report.

"During the quarter, the top 10 countries/regions were responsible for generating 72 percent of the observed attack traffic. Within the top 10, slightly more than 50 percent of attack traffic was generated by three countries: China, the United States and Russia," Akamai claimed.


Red October Cyber Espionage Ring

large-red-october We thought it started with StuxNet and/or Flame - Red October cyber espionage ring has been in operation for 5 years, deep undercover. It targeted most major European governments, diplomatic offices all over the world. The most interesting thing this may not be a state sponsored attack, or so far it seems. During its 5 year existence Red October downloaded hundreds of terabytes of data to its operators. Who is behind this operation is currently unclear. Kaspersky Labs uncovered this espionage ring; senior Kaspersky researcher Roel Schouwenberg told SecurityWatch:...


On Flame Computer Virus

Have you heard about Stuxnet the sequel; Flame!?? It is a 20MB in size, modular computer malware used for industrial espionage in the Middle East; there are also some sightings of it in Europe. Here is a bit from Kevin Mitnick on Flame - Even though he mispronounces nuclear - it is good to hear from him after a while!


Facebook, Dropbox app security holes

It is hard to believe top notch companies in 2012 are still looking over the security reality, but believe it folks... The same security hole recently discovered in Facebook’s iOS and Android apps has now been found in Dropbox’s iOS app as well. The flaw allows anyone with physical access to your phone to copy your login credentials — the reason, because your login information is stored in unencrypted text files on your phone by both apps.


Foreign spies ‘penetrate’ US military networks

"Low pay, delays over promotion and wage freezes made it very hard for the US government to attract and keep talented computer security staff" according to Dr Kaigham Gabriel, current head of the Defence Advanced Research Projects Agency.


Turkish Police Force E-mail Database Hacked

Oddball news continue - claimed by EROFOLIO - it looks like the The HQ of Turkish Police Force's e-mail database was hacked and e-mail accounts and passwords were leaked, see the original post...


HITB2012AMS Live-Hacking Competition

Here is a little press release from HackInTheBox Hackers Conference – This one is very interesting as it presents a live hack challenge to a bank and a defense attack simulation, read it below: