The German Anti-Botnet Advisory Centre is warning (in German) users about a new ransomware / BKA Trojan variant that accuses users of being involved in the reproduction of pornographic material involv…
Category Archives: Security Websies
Porn-downloading ransomware targets German users
The German Anti-Botnet Advisory Centre is warning (in German) users about a new ransomware / BKA Trojan variant that accuses users of being involved in the reproduction of pornographic material involv…
Anonymous OpUSA: Massive Cyber Attack Planned For Wednesday May 8 Against Government and Banks
The hacktivist collective Anonymous, along with other hacker groups based in the Middle East and North Africa, began an operation, dubbed “OpUSA,” targeting the websites of nine major U.S. government agencies and over 130 banks earlier this morning in a protest against American foreign policy. Targets include the Pentagon, the National Security Agency, the FBI and the White House, along with the websites of banks such as Bank of America, Capital One and TD Bank. Calling themselves the “N4m3le55 Cr3w,” the collective of hacker groups said in a statement that it aims to make sure “this May 7th will be a day to remember.” The relatively amorphous Anonymous, a decentralized and loosely associated collective of hackers, grew out of the internet imageboard 4Chan back in the early 2000s. As the very interesting and informative 2012 documentary on the group, “We Are Legion: The Story of the Hacktivists,” highlights, there is no one group called Anonymous with one set of goals or ideals. Rather there are a collection of groups and individuals that operate under the name Anonymous, often with varying agendas ranging from principle social activism to just messing with people because they can. Because of this, their actions can range from the awesome (such as their support for protesters during the Arab uprisings) to the simply mean and unnecessary (such as posting flashing animations on the website of an epilepsy support group). Anonymous is joined by groups including the Izz al-Din Qassam Cyber Fighters, whose sole aim is apparently to get the “Innocence of Muslims” video removed from YouTube. Other groups involved in OpUSA include Mauritania hackers, Muslim liberation army, antisec, and lulzsec. Over the past six months, the Qassam Cyber Fighters have successfully carried out distributed denial of service (DDoS) attacks against large American banks. The groups have been publicizing their planned operation for weeks now, and in their statement posted on the website Pastebin on April 21 they said that America will pay for the war crimes it has committed: “America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country. You have killed hundreds of innocent children and families with drones, guns, and now bombs. America you have hit thousands of people where it hurts them, now it is our time for our Lulz. For this you shall pay.” For protection against your eCommerce site click here . Source: http://current.com/technology/94112350_anonymous-opusa-massive-cyber-attack-planned-for-wednesday-against-government-and-banks.htm
Read More:
Anonymous OpUSA: Massive Cyber Attack Planned For Wednesday May 8 Against Government and Banks
May 7 2013 – OpUSA hacking spree kicks off early
Islamist element in attacks. A pro-Islamic, anti-American hacking campaign appears to have jumped the gun and started early with hundreds of sites being compromised today. Set to take place on May 7 this month – thought to be US time – and targeting government sites in the US, Israel and India, the campaign is called #OpUSA. It is coordinated mainly through Twitter and postings on sites like Pastebin, with an unknown amount of participants. However, lists of compromised sites are already apppearing, with a group called “X-Blackerz Inc” claiming to have hacked “100 US websites”, posting anti-American messages. iTnews loaded some of the sites listed which have India-related domain names, and found them defaced. Elswhere, a group calling itself Charaf Anons posted a list of 73 defaced sites on Pastebin. The website of the Honolulu, Hawaii Police Department was also claimed to be hacked, but as of writing, it is not defaced and operates normally. However, the hackers say they have captured databases that include the Honolulu Police Department staff logins and passwords. Another one was also posted with names and phone numbers that iTnews was able to verify as belonging to police officers in Honolulu. There is more to come: on May 7, the hackers are threatening to release a trove of “all governments emails of USA” [sic] captured by them. From the Anonghost Twitter account Security researcher Analysis Intelligence believes OpUSA features “self-proclaimed online freedom fighters” such as the Pakistani ZCompany Hacking Crew and Palestinians Izz ad-Din al-Qassam Cyber Fighters. These and other groups have hacked thousands of websites in the past, leaked credit card information for American and Israeli individuals and launched denial of service attacks against US banks, according to Analysis Intelligence. The motive for the OpUSA attacks are political, seeking revenge against drone attacks and military action in Iraq, Afghanistan, Gaza and Pakistan, the analysts believe. For DDoS protection click here . Source: http://www.itnews.com.au/News/342192,opusa-hacking-spree-kicks-off-early.aspx
See more here:
May 7 2013 – OpUSA hacking spree kicks off early
May 7 2013 OpUSA: A Promise of Cyber Events to Come?
What will actually happen in (or to) cyberspace on May 7, 2013? That is the question that many are asking as they prepare for a promised attack from the hacktivist groups this coming week. According to an announcement in an April 24 Pastebin threat to US and Israeli Governments, “We gonna launch a big attack against The USA Network and we gonna make some Damages.” Some sources say that this is a serious threat, and government and banking enterprises need to be prepared. Govinfosecurity.com reported: “Security experts say that OperationUSA, a coordinated online attack against banking and government websites slated for May 7, is a serious threat. As a result, organizations should be upping their distributed-denial-of-service attack mitigation strategies to guard against the attacks, which are being coordinated by the hacktivist group Anonymous. Experts advise that call-center staff should be educated about DDoS attacks, in case customers call in about online outages or experience difficulty accessing accounts. And network and security teams should actively monitor Internet traffic on May 7 and take steps to block specific IP addresses.” A look at the Twitter-feed or OpUSA yields some interesting tweets, links to anti-USA videos and more. Here is one of those tweets from Cisco Security ?@CiscoSecurity: “Stay informed about the planned # OpUSA cyberattacks against government and banking infrastructure http://cs.co/9001Xc4N #security” Is the OpUSA Threat Overblown? And yet, Krebs on Security reported that the threat may be “more bark than bite.” Brian Krebs writes: “A confidential alert, produced by DHS on May 1 and obtained by KrebsOnSecurity, predicts that the attacks ‘likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation. Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message….’ In an interview with Softpedia, representatives of Izz ad-Din al-Qassam said they do indeed plan to lend their firepower to the OpUSA attack campaign.” My Reaction So what is Michigan government doing? While I won’t list every step taken here, I can say that we are hoping for the best, while preparing for potential issues to occur. There are a variety of scenarios, but I believe that governments need to be prepared for Distributed Denial of Service (DDoS) attacks and possibly worse. In my opinion, this is now the new normal in cyber threats, and enterprises must be prepared. I tend to also agree with DHS and Krebs that this may not be as big an issue on Tuesday as some predict. Nevertheless, we must treat this in the way that police regularly investigate other types of serious security threats. Another observation is that this may become the “new normal” regarding cyber threats. Government enterprises need to have procedures in place to react to these cyber threats and potential attacks. There are services that can be purchased from your ISP to address DDoS, and there are also other security steps that enterprises can take regarding people, process and technology improvements. Michigan has experienced a DDoS attack before, and we will likely see similar cyber attacks again. One final thought. The bad guys use these type of announcements to test our cyber defenses. They see what we do to mitigate risks or raise the alert levels on Tuesday. This information could be used in the future for unannounced online attacks. For that reason, I suggest that cyber teams deploy only the defense tool needed, when they are needed. We need to have adaptive cyber defenses that are appropriate for the specific attack situation. Or more simply, don’t openly “show your hand” to the adversary. What are you doing to prepare for Tuesday? Do you think these cyber threat announcements are becoming the new normal around the world? For protection against your eCommerce site click here . Source: http://www.govtech.com/blogs/lohrmann-on-cybersecurity/OpUSA-A-Promise-of-050413.html
View original post here:
May 7 2013 OpUSA: A Promise of Cyber Events to Come?
Week in review: CISPA, AP Twitter account hijacking and real-world consequences
Here's an overview of some of last week's most interesting news, reviews and articles: World's largest bitcoin exchange under DDoS attack Mt.Gox, the world's largest bitcoin exchange, has been d…
See the original post:
Week in review: CISPA, AP Twitter account hijacking and real-world consequences
Dutchman arrested in connection with large DDoS attack on Spamhaus
A 35-year-old Dutchman was arrested Thursday in Spain, as part of an investigation into a large-scale DDoS (distributed denial-of-service) attack that targeted a spam-fighting organization called the Spamhaus Project in March. The suspect was arrested by Spanish authorities in Barcelona based on a European arrest warrant and is expected to be transferred to the Netherlands soon, the Dutch Public Prosecution Service said Friday in a press release. The March DDoS attack against Spamhaus is noteworthy because of its very large scale and because it reportedly affected several Internet exchange nodes in Europe. Several sources, including CloudFlare, a San Francisco-based company that hosted Spamhaus’ website on its content distribution network, said at the time that the attack’s bandwidth peaked at over 300Gbps, making it the largest DDoS attack in history. However, the attack’s initially reported size was later challenged by other companies. A group called the Stophaus Movement, whose members include companies and individuals flagged as spammers by Spamhaus, took credit for the attack. The Dutch Prosecution Service did not reveal the full name of the suspect arrested Thursday in Spain and only referred to him by his initials, S. K., for privacy reasons. “He is suspected of a wide range of computer crimes,” said Wim de Bruin, a spokesman for the Dutch Public Prosecution Service. Among them is launching a DDoS attack against Spamhaus, which is a criminal offense under Dutch law. According to a source familiar with the investigation, the man arrested is Sven Kamphuis, who acted as a spokesman for the Stophaus Movement following the attack in March. However, at the time, Kamphuis denied his personal involvement in the attack and said that it was launched by Stophaus members from China and Russia. Kamphuis runs a network provider called CB3ROB that was blacklisted by Spamhaus for hosting spam botnets and extortion scams. CB3ROB provided services for a controversial Dutch hosting company called CyberBunker.com that allows its customers to “host any content they like, except child porn and anything related to terrorism.” For protection against your eCommerce site click here . Source: http://www.pcworld.com/article/2036494/dutchman-arrested-in-connection-with-large-ddos-attack-on-spamhaus.html
Read this article:
Dutchman arrested in connection with large DDoS attack on Spamhaus
Who to call when hit by a DDoS attack
Recent reports all point to the same fact: despite the different motives of the attackers, DDoS attack have become more frequent and more intense. So what are businesses and organizations to do? …
Continue reading here:
Who to call when hit by a DDoS attack
Charles Schwab website recovers after second day of cyber attacks
Charles Schwab Corp said it was the target of a cyber attack that prevented access to its website intermittently for about an hour on Wednesday, the second such attack in as many days, but that the problem had been resolved. Schwab, one of the largest U.S. brokerages, said on Tuesday afternoon it was that target of a distributed denial of service attack – an attack that floods websites with traffic in order to block access – that left clients unable to trade through the site for two hours. Phone service was available during both attacks, although responses were slower than usual due to the large number of people calling in, said Schwab spokesman Greg Gable. He said clients who believe they were affected by the outage can call 1-800-435-4000 to talk with a Schwab representative. The attacks did not impact client data or accounts, Gable added. Schwab said it is actively investigating the attacks but could not provide further information. The San Francisco-based company had 8.9 million active brokerage accounts and $2.1 trillion in total client assets at the end of the last quarter. For protection against your eCommerce site click here . Source: http://www.csmonitor.com/Business/Latest-News-Wires/2013/0424/Schwab-website-recovers-after-second-day-of-cyber-attacks
Original post:
Charles Schwab website recovers after second day of cyber attacks
This is what a DDoS attack looks like
By now, almost everyone has at least heard or seen the term DDoS. Unless you’re fairly geeky, however, you might not know what a distributed denial-of-service attack is or how one works. Even if you are a dyed-in-the-wool geek, chances are you don’t know what a DDoS attack looks like . Thanks to the security staff at VideoLan, developers of the highly popular VLC media player, you can now catch a glimpse. This is what it’s like to be on the receiving end: According to VideoLan’s Ludovic Fauvet, the servers at get.videolan.org have been dealing with around 400 requests every second. A pattern was quickly identified in the attacks, however, which allowed Fauvet and his teammates to cut the bad guys off at the pass. By singling out a common user agent, they’ve been able to tweak Nginx to leave those connections lingering in limbo. Right now, the DDoS requests aren’t accomplishing anything more than generating HTTP 403 errors. Prior to fortifying their defenses, the VideoLan crew was seeing around 200 downloads of VLC every second — which totalled nearly 30Gbps. Here’s a quick comparative: the massive DDoS that took down Wikipedia was pushing about 10 gigabits every second. So who’s behind the attack on VideoLan and what’s the motivation? That’s not known just yet, but thankfully the team in France should be able to plug away in the interim. They won’t let something like a DDoS stand in the way of delivering that fancy, new Windows 8 app to their backers. For protection against your eCommerce site click here . Source: http://www.geek.com/news/vulnerability-in-ruby-on-rails-could-bring-200000-sites-down-1535400/
Taken from:
This is what a DDoS attack looks like