What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-01 14:37:29 | CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential (lien direct) |
![CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential](https://blog.knowbe4.com/hubfs/Stu_Headshot_2021_resize.png)
|
Ransomware Malware Hack Tool Threat Guideline | NotPetya NotPetya Wannacry Wannacry APT 27 APT 27 | |
 |
2021-02-17 21:12:56 | U.S. Indicts North Korean Hackers in Theft of $200 Million (lien direct) | The U.S. Justice Department today unsealed indictments against three men accused of working with the North Korean regime to carry out some of the most damaging cybercrime attacks over the past decade, including the 2014 hack of Sony Pictures, the global WannaCry ransomware contagion of 2017, and the theft of roughly $200 million and attempted theft of more than $1.2 billion from banks and other victims worldwide. | Ransomware Hack | Wannacry Wannacry | |
 |
2019-09-13 20:16:20 | North Korean Hackers Behind WannaCry and Sony Hack Sanctioned by USA (lien direct) | The U.S. Treasury signed sanctions against three hacking groups actively engaged in cyber operations meant to bring financial assets to the government of North Korea.. [...] | Hack | Wannacry | |
 |
2018-10-14 04:57:46 | How to irregular cyber warfare (lien direct) | Somebody (@thegrugq) pointed me to this article on "Lessons on Irregular Cyber Warfare", citing the masters like Sun Tzu, von Clausewitz, Mao, Che, and the usual characters. It tries to answer:...as an insurgent, which is in a weaker power position vis-a-vis a stronger nation state; how does cyber warfare plays an integral part in the irregular cyber conflicts in the twenty-first century between nation-states and violent non-state actors or insurgenciesI thought I'd write a rebuttal.None of these people provide any value. If you want to figure out cyber insurgency, then you want to focus on the technical "cyber" aspects, not "insurgency". I regularly read military articles about cyber written by those, like in the above article, which demonstrate little experience in cyber.The chief technical lesson for the cyber insurgent is the Birthday Paradox. Let's say, hypothetically, you go to a party with 23 people total. What's the chance that any two people at the party have the same birthday? The answer is 50.7%. With a party of 75 people, the chance rises to 99.9% that two will have the same birthday.The paradox is that your intuitive way of calculating the odds is wrong. You are thinking the odds are like those of somebody having the same birthday as yourself, which is in indeed roughly 23 out of 365. But we aren't talking about you vs. the remainder of the party, we are talking about any possible combination of two people. This dramatically changes how we do the math.In cryptography, this is known as the "Birthday Attack". One crypto task is to uniquely fingerprint documents. Historically, the most popular way of doing his was with an algorithm known as "MD5" which produces 128-bit fingerprints. Given a document, with an MD5 fingerprint, it's impossible to create a second document with the same fingerprint. However, with MD5, it's possible to create two documents with the same fingerprint. In other words, we can't modify only one document to get a match, but we can keep modifying two documents until their fingerprints match. Like a room, finding somebody with your birthday is hard, finding any two people with the same birthday is easier.The same principle works with insurgencies. Accomplishing one specific goal is hard, but accomplishing any goal is easy. Trying to do a narrowly defined task to disrupt the enemy is hard, but it's easy to support a group of motivated hackers and let them do any sort of disruption they can come up with.The above article suggests a means of using cyber to disrupt a carrier attack group. This is an example of something hard, a narrowly defined attack that is unlikely to actually work in the real world.Conversely, consider the attacks attributed to North Korea, like those against Sony or the Wannacry virus. These aren't the careful planning of a small state actor trying to accomplish specific goals. These are the actions of an actor that supports hacker groups, and lets them loose without a lot of oversight and direction. Wannacry in particular is an example of an undirected cyber attack. We know from our experience with network worms that its effects were impossible to predict. Somebody just stuck the newly discovered NSA EternalBlue payload into an existing virus framework and let it run to see what happens. As we worm experts know, nobody could have predicted the results of doing so, not even its creators.Another example is the DNC election hacks. The reason we can attribute them to Russia is because it wasn't their narrow goal. Instead, by looking at things like their URL shortener, we can see that they flailed around broadly all over cyberspace. The DNC was just one of thei | Hack Guideline | Wannacry | |
 |
2018-09-25 03:00:00 | The Sony hacker indictment: 5 lessons for IT security (lien direct) | In August 2018, the US Department of Justice (DoJ) unsealed the indictment of a North Korean spy, Park Jin Hyok, whom they claim was behind the hack against Sony and the creation and distribution of the WannaCry ransomware. The 170-plus-page document was written by Nathan Shields of the FBI's LA office and shows the careful sequence of forensic analysis they used to figure out how various attacks were conducted. | Hack | Wannacry | |
 |
2018-09-07 18:26:02 | North Korean hacker charged for WannaCry and Sony cyberattacks (lien direct) | U.S. charges North Korean hacker for WannaCry, Sony cyber attacks The U.S. government on Thursday charged and sanctioned a North Korean hacker for the 2014 Sony hack and the 2017 WannaCry global ransomware cyberattack, U.S. officials said. The accused, Park Jin Hyok worked as part of a team of hackers, also known as the Lazarus […] | Ransomware Hack | Wannacry APT 38 | |
 |
2018-09-07 09:22:01 | US charges North Korea agent over Sony Pictures hack and WannaCry (lien direct) | The U.S. Department of Justice charged a North Korea agent over WannaCry and 2014 Sony Pictures Entertainment Hack. The U.S. Department of Justice announces charges against a North Korean government spy that was involved in the massive WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack. “the Justice Department charged on Thursday in a 174-page criminal complaint that detailed how […] | Ransomware Hack | Wannacry | |
 |
2018-09-06 15:35:00 | DOJ to charge North Korean officer for Sony hack and WannaCry ransomware (lien direct) | After charging Chinese, Iranian, and Russian cyberspies, US preparies indictment against North Korean officer. | Ransomware Hack | Wannacry | |
 |
2018-09-06 10:31:03 | U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack (lien direct) | The U.S. Department of Justice is preparing to announce criminal charges against a North Korean government spy in connection with the 2017 global WannaCry ransomware attack and the 2014 Sony Pictures Entertainment hack.
According to multiple government officials cited by the NY Times who are familiar with the indictment, the charges would be brought against Park Jin Hyok, who works for North
|
Ransomware Hack | Wannacry |
1
We have: 9 articles.
We have: 9 articles.
To see everything:
Our RSS (filtrered)
