Security Research
Showing results for 
Search instead for 
Do you mean 

HP Security Research OSINT (OpenSource Intelligence) articles of interest--June 6, 2014

SR-FI_Team ‎06-06-2014 08:41 AM - edited ‎06-06-2014 08:41 AM

Key Articles of Interest

 

Peek Inside a Professional Carding Shop
Over the past year, I’ve spent a great deal of time trolling a variety of underground stores that sell “dumps”--street slang for stolen credit card data that buyers can use to counterfeit new cards and go shopping in big-box stores for high-dollar merchandise that can be resold quickly for cash.

 

DOD: ANNUAL REPORT TO CONGRESS Military and Security Developments Involving the People’s Republic of China 2014
THE PEOPLE’S REPUBLIC OF CHINA (PRC) continues to pursue a long-term, comprehensive military modernization program designed to improve the capacity of its armed forces to fight and win short-duration, high-intensity regional contingencies.

 

Sold Down the River
A world-wide scan of the Intelligent Platform Management Interface (IPMI) protocol identified over 230,000 Baseboard Management Controllers (BMCs) exposed to the internet, of which upwards of 90% could be compromised by just a handful of basic configuration and protocol weaknesses.

 

Inside an attack by the Syrian Electronic Army
The Syrian Electronic Army (SEA) has become a bit of a name brand as far as low-level hacking groups are concerned. Their methods are simple, but effective. They spend most of their energy on propaganda and self-promotion, but lately they’ve taken to targeting media organizations (or the people associated with them), and IDG Enterprise is no exception.

 

Syrian Electronic Army responds to attack article
Earlier this week, Salted Hash published a first-hand account of an attack by the Syrian Electronic Army (SEA) against IDG Enterprise. Later that same day, one of the group’s members responded. The first response from the SEA was a message that included an IDG staffer’s email address and password. This information was presented for shock value, as a way to prove that the SEA were in fact successful in their Phishing attack against IDG.

 

Cyberspace 2025 Today’s Decisions, Tomorrow’s Terrain
What will cyberspace look like 25 years into the new millennium? By 2025, more than 91 percent of people in developed countries and nearly 69 percent of those in emerging economies will be using the Internet. Internet dependence will not just be a concept, but rather the new reality.

 

Avoiding a War on Unauthorized Computation: Why Exploit Regulation is the Biggest Danger to Coder Freedom and Future Security
In recent cyber-security discussions, several parties compared exploits with weapons (e.g., referred to development and sale of exploits as “arms dealing”) and called for legal intervention and regulation in the name of protecting user security and privacy.

 

An Analysis of PlugX Using Process Dumps from High-Resolution Malware Analysis
Targeted attacks and so-called APTs (advanced persistent threats) come in many forms and colors. Very often, in-house malware analysis teams want to go beyond the detection information offered by traditional analysis systems (which often only says if a program looks malicious or not).

 

This Is What Happens When You Hack and Extort the ‘Bitcoin Jesus’
When the man known as “The Bitcoin Jesus” got hacked, he didn’t go straight to the police. He just tapped the power of bitcoin.

 

Thank you for reading. If you missed last-week's articles, you can read them here

0 Kudos
About the Author

SR-FI_Team

Labels
Events
Aug 29 - Sep 1
Boston, MA
HPE Big Data Conference 2016
Attend HPE’s Big Data Conference on August 29 - September 1, 2016 to learn from peers in every industry and hear from Big Data experts and thought lea...
Read more
Sep 13-16
National Harbor, MD
HPE Protect 2016
Protect 2016 is our annual conference on September 13 - 16, 2016, and is the place to meet the world’s top information security talent, discuss new pr...
Read more
View all