Even More Cyber Military!
It’s no longer surprising news to hear of state-level military and intelligence units hacking the ever-living crap out of everything, but it’s still interesting to keep up with revelations as they become public. First up is US-CERT releasing details on North Korea’s DDoS botnet, codenamed HIDDEN COBRA.
While the report recommends that DHS further investigate North Korean cyber and hacking capabilities, it does make clear that this infrastructure takes advantage of older and unsupported Windows systems, as well as Adobe Flash and Microsoft Silverlight vulnerabilities.
If you still haven’t uninstalled Adobe Flash, you should strongly consider isolation between those systems and anything valuable on your systems. Thankfully, this isn’t a problem where experts just tell users to go patch, as CERT has released multiple Indicators of Compromise (IoCs) and YARA rules in their report, enabling administrators to root out and report HIDDEN COBRA infections.
Next, is probably the billionth tiny step towards a ghost-in-the-shell-esque fully cyber-integrated military, with the Pentagon experimenting with embedding specialists in electronic warfare into ground troops, as well as within opposing forces in training exercises.
One example of the change this introduces is using a jammer to disrupt radio communications for a tank assault, stopping the assault and leaving the unit vulnerable to decimating ambush. Others include spying on military communications, or sowing confusion with disinformation. One can only hope that this means we’ll see 802.11 antennas and wifi pineapples at army surplus outlets soon!
Also, police are now routinely extracting information from cellphones of arrestees using forensics tools, an ongoing investigation has revealed. As a computer in your pocket that records everything you do, this leaves the police with a detailed map of the life of anyone they arrest.
Given the hundreds of times these forensic extraction devices (Read more...)
*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Cylance Research and Intelligence Team. Read the original post at: https://threatmatrix.cylance.com/en_us/home/this-week-in-security-6-16-2017.html