• For the advancement of human knowledge impacting on the way they interact and use information.

  • Hass and Associates provides news, analysis, opinion, information and services for the IT community, the role of technology in improving organizations in all sectors of business and public life.

  • Hackers are staunch supporters of open-source software and freeware because of the nature behind those that allow them to access the source code .

  • Handy tips and tricks on the web, operating systems and major programs for hacking n00bs and the general population.

  • Through the advancement of technology to share knowledge, know the risks and know the solutions as well.

Next
Previous

Tuesday, May 26, 2015

0

Hass and Associates Cyber Security: Web sites attacks around Australia are shorter but bigger

Posted in , ,
Web sites attackers are utilizing shorter bursts of activity to infiltrate servers and systems inside a large way, in comparison towards the relaxation of Web sites attacks in Asia-Off-shore.

Arbor Networks' first-quarter Active Threat Level Analysis System (ATLAS) set of distributed denial-of-service (Web sites) attacks demonstrated that Australia possessed a shorter time period of Web sites attack activity, however that the attacks were greater in scale, as compared to the relaxation of Asia-Off-shore.

Arbor Systems discovered that the attack length around Australia throughout the very first quarter of 2015 was 22 minutes, versus 46 minutes in Asia-Off-shore. Consequently, nearly all attacks were so short resided that 96 percent survived under 1 hour, in comparison to Asia-Off-shore, where 90 % of attacks survived under an hour or so.

However, the typical size Web sites attacks around Australia were 1.25Gbps roughly two times as large because the average attack recorded in Asia-Off-shore.

"Rapid time period of attacks reported in Q1 is interesting. Short bursts of Web sites attack activity require automated defences to safeguard against them," stated Nick Race, Australia country manager for Arbor Systems.

"Operators around Australia absolutely should be aware. On-premise Web sites protection is important for recognition and minimization of attacks, enabling bad visitors to be scrubbed within an immediate and automatic fashion."

Based on Arbor Systems, attackers utilized reflection amplification techniques on network time protocol, simple service discovery protocol (SSDP), and DNS servers.

Around Australia, SSDP capped their email list for many common individual reflection attack within the first quarter, using the biggest reported at 26Gbps. However the biggest individual attack was an NTP reflection attack which was recorded at 51Gbps.



Sunday, May 17, 2015

0

NuData Security reveals improvements to online fraud detection engine

Posted in ,
Software development company NuData Security recently revealed its enhancements to its online fraud detection engine called NuDetect, according to Hass and Associates Cyber Security.

They added new powerful anti-fraud tools, based on continuous behavioral analysis and compiled behavioral biometric data. This enables them to significantly reduce the probability of fraud while also avoiding false positives.

NuDetect's expanded array of behavioral biometric sensors achieves 97 percent accuracy in verifying a user's identity. Its improved user interface acts as an "early warning system" that makes high-risk events easily accessible to security teams. This enhancement allows detection as early as 15 days before a fraud attempt is made wherein it provided the client with sufficient time to track, discover and avoid fraudulent transactions from happening.

Institutions that fall victim to fraud are at risk of losing large amount of money and customers, and suffering long-term brand damage. To avoid additional damages, NuDetect provides an immediate solution through behavior-based fraud detection, real-time detection and mitigation, faster development, historical context awareness, invisible implementation, and reducing cost and workload.

Furthermore, NuDetect utilizes behavioral biometric to greatly improve on traditional device identity and deliver far more intelligence than traditionally available, without interrupting a user's experience. It monitors activity in real time that allows the client to easily take action against fraud because the system shows fraudsters' intent before they have a chance to penetrate and do damage. It also allows for deployment in just a couple of days so that companies are equipped to defend against fraud as quickly as possible.

NuDetect also uses historical cross-session and cross-cloud behavior patterns stored in the NuData cloud. This provides outstanding accuracy and security from day one. Institutions are able to determine risk and deploy necessary security countermeasures only to the most suspicious actors.

With this platform, more back-end work is completed in advance, therefore lowering institutions' expenses and developer needs. Moreover, these institutions need to do less work to customize how data is sent, further improving deployment time.

Nowadays, it is obvious that attackers become more sophisticated in terms of identity theft, therefore institutions must quickly implement strong fraud detection measures. NuDetect's improved features put highly effective anti-fraud tools into the clients' hands. It provides clients with a more in-depth view in how fraud attacks functions and the full fraud lifecycle, instead of focusing only at the fraudulent purchase of goods.


The company of NuData Security predicts and prevents online fraud, protecting businesses from brand damage and financial loss caused by fraudulent or malicious attacks. NuData Security analyzes and scores billions of users per year and services some of the largest e-commerce and web properties worldwide.

Tuesday, May 12, 2015

3

‘Trojan.Laziok’ malware targets energy companies

Posted in ,
Malicious software called ‘Trojan.Laziok’ was recently revealed by the researchers of an American technology company called Symantec.

Based upon the report of Hass and Associates Cyber Security, the malware is known to be a part of an ongoing worldwide espionage campaign wherein it targets energy companies worldwide especially in the Middle East.

Attacks are launched through spam emails from a moneytrans.eu domain. Those emails contain an attached Microsoft Excel file wherein it activates a backdoor that gives the hackers a crucial view into the targeted computer.

The malware collects system data including the name of the computer, CPU and GPU details, installed software, hard disk and RAM size, as well as what antivirus software was installed. Immediately after, it uploads those data towards the attackers and then downloads additional malware such as Backdoor.Cyberat and Trojan.Zbot.

Petroleum, gas and helium companies were most often targeted in the United Arab Emirates, Saudi Arabia, Pakistan and Kuwait. Based on a report obtained by Hass and Associates Cyber Security, whoever is behind these attacks may have an intentional interest in the activities of the affected companies.

Attacks rarely happened on energy companies in other countries like India, United Kingdom, and the United States.

Symantec also claims that “the group behind the attack does not seem to be particularly advanced, as they exploited an old vulnerability and use their attack to distribute well-known threats that are available in the underground market.”


The attack is simple and outdated which clearly shows the significance of frequently updating all software because organizations nowadays fail to follow basic security guidelines which includes updating the software running on a secure system.

Sunday, May 3, 2015

0

Hewlett-Packard partners with cybersecurity firm FireEye

Posted in ,
The prominent cybersecurity firm FireEye, Inc. and tech giant Hewlett-Packard (HP) recently announced a partnership to develop advanced threat protection.

Hass and Associates Cyber Security perceives this as one of the coming wave of alliances between small and large tech companies aiming to strengthen their security.

The deal that will expand Milpitas-based FireEye’s reach was announced at the RSA Conference on security that is held in San Francisco.

This year’s conference has 500 exhibitors, compared with 400 last year.

The interest in cybersecurity has been heightened in the conference because of the attacks on big companies for the past two years such as Sony, Target Corporation, JPMorgan Chase, Anthem Inc., and Home Depot.

CEO and Chairman of the Board of FireEye, Dave DeWalt defined the deal as “capability meets scale” during an interview before the announcement.

In addition, the two other alliances announced by HP were cloud security partnerships with Los Angeles-based Securonix and Palo Alto-based Adallom.

Securonix is a provider of security intelligence platform for monitoring security events. It also identifies and access data to detect insider threats and advanced targeted attacks. While Adallom is a cloud security firm with research headquarters in Israel.

HP described the alliances as developing an advanced cyber defense emphasizing the protection of users’ interactions, applications and data, rather than the old practice of securing the perimeter, in which data flows were restricted in the interests of security.

Although HP has its own large security team, given the threat level, HP needs a FireEye which has a next-generation security platform.

HP’s own security professionals can now bring in FireEye’s technology and the investigative group from Mandiant.

On December 30, 2013, FireEye acquired Mandiant in a stock and cash deal worth in more than $1 billion.

In February 2013, Mandiant rose to prominence when it released a report documenting evidence of cyber-attacks by the Chinese People’s Liberation Army targeting at least 141 organizations in the United States and other English-speaking countries extending as far back 2006.

Mandiant’s main services are expensive. However, the deal will bring a co-branded version of its services to smaller companies.

Executive Vice President of HP Enterprise Services, Mike Nefkens said that the partnership will beef up HP’s security portfolio. HP and FireEye are making it possible for their clients to analyze and improve their defenses before the next attack with the most advanced cybersecurity protection available today.

HP also reaches many countries where FireEye has a smaller presence including Africa, Middle East, and Europe.


FireEye also announced a partnership with Israeli security provider Check Point Software Technologies to share threat intelligence to protect customers from modern advanced attacks.

Monday, March 30, 2015

0

Hass and Associates Cyber Security: Botnets inflate Twitch viewership

Posted in ,
With the boom in online streaming these days, it's only expected that people will get creative and game the system to earn more money. In the case of streaming site Twitch — known for its community of gamers — it appears that some of its broadcasters are using botnet-for-hire services to illegally get those "millions" of viewers.

IT security company Symantec has released a report last week that some websites are openly advertising services that can generate big numbers of viewers on Twitch as well as on other streaming websites. One of the services identified claim to generate 5 separate streams from a single infected PC, with all the streams muted and hidden. Some add-ons on such services could also include automated chats that are programmed to send in comments during the live stream like normal users.

A botnet is a PC connected online that is used to do a task, so practically any PC can be used for this purpose even without the owner knowing. It can be hijacked to covertly perform a task from the attacker on the background and still function as it normally would, hence lowering the possibility of discovery. Aside from those, Hass and Associates Cyber Security also found out that botnets could replicate automatically to other legit viewers by links in the chat of a stream, for instance. The malware could also make itself look like an update from Google or Adobe to infect a PC.

According to Twitch's report in January, their stats for 2014 include 10,000 partnered channels, 100 million unique viewers every month and 1 million concurrent viewers. While there are partner channels that are operating legitimately, others are fraudulently boosting their viewership numbers in order to become a partner. No surprise there since becoming a Twitch partner comes with advantages like pre-stream ads and ability to get donations.

However, they have to get a consistent average of 500 viewers. That's where the botnet-for-hire comes in. Different packages are being offered with options to gain you followers, chatters and live viewers courtesy of bots. One of the service providers claims to give you 40 chatters and 100 viewers for as little as USD 30.

Lionel Payet of Symantec said, "While many broadcasters stream their gameplay online as a hobby, some have managed to turn it into a well-paid full time job. Over the past few years, this business model has grown sharply, so it's unsurprising that scammers are piggybacking on the industry in a parallel underground economy."

A connection between this discovery of botnet use and the security breach last week where stream keys, IP information and user credentials were compromised has yet to be proven, according to Hass and Associates Cyber Security. But as Payet puts it, "If a user's computer is compromised by any malware, then their info is always exposed."

Meanwhile, Twitch has responded with a statement from its Vice President of Marketing: "These illegal services are a long-standing issue that is not unique to Twitch. We detect when they are used and deal with them in a layered approach including legal action, tech solutions, and human monitoring."

There would certainly be backlash from the legit broadcasters of Twitch if this is proven to be true. For now, the question is, how many user accounts in Twitch are actually bots and just how many broadcasters have been availing of their services.

Tuesday, March 24, 2015

0

Hass & Associates Online Reviews on the Evolution of Hacking

Posted in ,
Computer hacking was once the realm of curious teenagers. It's now the arena of government spies, professional thieves and soldiers of fortune.

Today, it's all about the money. That's why Chinese hackers broke into Lockheed Martin and stole the blueprints to the trillion-dollar F-35 fighter jet. It's also why Russian hackers have sneaked into Western oil and gas companies for years.

The stakes are higher, too. In 2010, hackers slipped a "digital bomb" into the Nasdaq that nearly sabotaged the stock market. In 2012, Iran ruined 30,000 computers at Saudi oil producer Aramco.

And think of the immense (and yet undisclosed) damage from North Korea's cyberattack on Sony Pictures last year. Computers were destroyed, executives' embarrassing emails were exposed, and the entire movie studio was thrown into chaos.

It wasn't always this way. Hacking actually has some pretty innocent and harmless beginnings.

CURIOSITY CREATED THE HACKER

The whole concept of "hacking" sprouted from the Massachusetts Institute of Technology nearly 50 years ago. Computer science students there borrowed the term from a group of model train enthusiasts who "hacked" electric train tracks and switches in 1969 to improve performance.

These new hackers were already figuring out how to alter computer software and hardware to speed it up, even as the scientists at AT&T Bell Labs were developing UNIX, one of the world's first major operating systems.

Hacking became the art of figuring out unique solutions. It takes an insatiable curiosity about how things work; hackers wanted to make technology work better, or differently. They were not inherently good or bad, just clever.

In that sense, the first generation of true hackers were "phreakers," a bunch of American punks who toyed with the nation's telephone system. In 1971, they discovered that if you whistle at a certain high-pitched tone, 2600-hertz, you could access AT&T's long-distance switching system.

They would make international phone calls, just for the fun of it, to explore how the telephone network was set up.

This was low-fi stuff. The most famous phreaker, John Draper (aka "Cap'n Crunch) earned his nickname because he realized the toy whistle given away in cereal boxes emitted just the right tone. This trained engineer took that concept to the next level by building a custom "blue box" to make those free calls.

This surreptitious little box was such a novel idea that young engineers Steve Wozniak and Steve Jobs started building and selling it themselves. These are the guys who would later go on to start Apple.

Wire fraud spiked, and the FBI cracked down on phreakers and their blue boxes. The laws didn't quite fit, though. Kids were charged with making harassing phone calls and the like. But federal agents couldn't halt this phenomenon.

A tech-savvy, inquisitive and slightly anti-authoritarian community had been born.

A NEW WAVE OF HACKERS

The next generation came in the early 1980s, as people bought personal computers for their homes and hooked them up to the telephone network. The Web wasn't yet alive, but computers could still talk to one another.

This was the golden age of hacking. These curious kids tapped into whatever computer system they could find just to explore. Some broke into computer networks at companies. Others told printers at hospitals hundreds of miles away to just spit out paper. And the first digital hangouts came into being. Hackers met on text-only bulletin board systems to talk about phreaking, share computer passwords and tips.

The 1983 movie "War Games" depicted this very thing, only the implications were disastrous. In it, a teenager in Washington state accidentally taps into a military computer and nearly brings the world to nuclear war. It's no surprise, then, that the FBI was on high alert that year, and arrested six teenagers in Milwaukee -- who called themselves the 414s, after their area code -- when they tapped into the Los Alamos National Laboratory, a nuclear weapon research facility.

Nationwide fears led the U.S. Congress to pass the Computer Fraud and Abuse Act in 1986. Breaking into computer systems was now a crime of its own.

The damage of hacking started getting more serious, too. In 1988, the government's ARPAnet, the earliest version of the Internet, got jammed when a Cornell University graduate student, curious about the network's size, created a self-replicating software worm that multiplied too quickly.

The next year, a few German hackers working for the Russian KGB were caught breaking into the Pentagon. In 1990, hacker Kevin Poulsen rigged a Los Angeles radio station's phone system to win a Porsche, only to be arrested afterward.

The cat-and-mouse game between law enforcement and hackers continued throughout the 1990s. Some hacked for money. Russian mathematician Vladimir Levin was caught stealing $10 million from Citibank. Others did it for revenge. Tim Lloyd wiped the computers at Omega Engineering in New Jersey after he was fired.

But hacks were still more of an annoyance than anything devastating, though it was quickly becoming apparent that the potential was there. The stock market, hospitals, credit card transactions -- everything was running on computers now. There was a bone-chilling moment when a ragtag group of hackers calling themselves L0pht testified before Congress in 1998 and said they could shut down the Internet in 30 minutes.

The danger was suddenly more real than ever.

FROM CURIOSITY TO CRIMINAL

The ethos was starting to change, too. Previously, hackers broke into computers and networks because they were curious and those tools were inaccessible. The Web changed that, putting all that stuff at everyone's fingertips. Money became the driving force behind hacks, said C. Thomas, a member of L0pht who is known internationally as the hacker "Space Rogue."

An unpatched bug in Windows could let a hacker enter a bank, or a foreign government office. Mafias and governments were willing to pay top dollar for this entry point. A totally different kind of black market started to grow.

The best proof came in 2003, when Microsoft started offering a $5 million bounty on hackers attacking Windows.

"It's no longer a quest for information and knowledge by exploring networks. It's about dollars," Thomas said. "Researchers are no longer motivated to get stuff fixed. Now, they say, 'I'm going to go looking for bugs to get a paycheck - and sell this bug to a government.' "

Loosely affiliated amateurs were replaced by well-paid, trained professionals. By the mid-2000s, hacking belonged to organized crime, governments and hacktivists.

FIRST, CRIME: Hackers around the world wrote malicious software (malware) to hijack tens of thousands of computers, using their processing power to generate spam. They wrote banking trojans to steal website login credentials.

Hacking payment systems turned out to be insanely lucrative, too. Albert Gonzalez's theft of 94 million credit cards from the company TJX in 2007 proved to be a precursor to later retailer data breaches, like Target, Home Depot and many more.

Then there's government. When the United States wanted to sabotage the Iranian nuclear program in 2009, it hacked a development facility and unleashed the most dangerous computer virus the world has ever seen. Stuxnet caused the Iranian lab computers to spin centrifuges out of control.

This was unprecedented: a digital strike with extreme physical consequences.

Similarly, there's proof that Russia used hackers to coordinate its attack on Georgia during a five-day war in 2008, taking out key news and government websites as tanks rolled into those specific cities.

Then there are hacktivists. The populist group Anonymous hacks into police departments to expose officer brutality and floods banks with garbage Internet traffic. A vigilante known as "The Jester" takes down Islamic jihadist websites.

What exists now is a tricky world. The White House gets hacked. Was it the Russian government or Russian nationalists acting on their own? Or freelance agents paid by the government? In the digital realm, attribution is extremely difficult.

Meanwhile, it's easier than ever to become a hacker. Digital weapons go for mere dollars on easily accessible black markets online. Anonymity is a few clicks away with the right software. And there are high-paying jobs in defending companies like Google or JPMorgan Chase -- or attacking them.

As a result, law enforcement tolerance for hacking has fallen to zero. In 1999, the hacker Space Rogue exposed how FAO Schwarz's website was leaking consumer email addresses and forced the company to fix it. He was cheered. When Andrew Auernheimer (known as "weev") did the same thing to AT&T in 2010, he spent more than a year in prison until his case was overturned on a technicality.

The days of mere curiosity are over.

Saturday, March 21, 2015

0

Hass & Associates Online Reviews: The threat of fraud is evolving; are your controls?

Posted in ,

When asked, many business owners will flat out deny that fraud or misconduct could be happening in their organization. Their denial is usually based on the belief that appropriate controls are in place or that every employee is loyal and trustworthy. Sadly there are many examples where controls and loyalty are absent. The result can be a catastrophic loss.

In the 2014 MNP fraud survey, 33% of the businesses surveyed in British Columbia reported having been the victim of fraud. Immediately following the incident, business owners believed their fraud risk was higher. Five years after the event, their perceived risk reduced to the same level as that of non-victims, with only 2% rating their fraud risk as high. While the reason for the reduced concern is not known, it appears that complacency regarding the threat increases as the event becomes distant.

The results also showed that the risk of fraud increased with the number of employees: 49% of businesses with 25 or more employees reported having been a victim of fraud, versus 26% of companies with fewer than 25 employees. In other words, at least one-quarter of businesses suffer some form of fraud, with the percentage increasing with the number of employees.

In order for a business to manage its fraud risk, owners must accept the likelihood that their business can be a victim. An over-reliance on trust is often a factor in employees being able to commit fraud. While trust within an organization is important to generate growth and innovation, trust is not a control. Checks and balances need to be implemented and communicated to demonstrate that assets will be protected.

In the MNP survey, internal controls were credited with identifying 35% of the fraud cases, and tips/whistleblowers were credited with identifying 25%. These statistics support the hypothesis that an ethical environment with appropriate policies and controls better protects the organization.

So how do you promote innovation and growth without accepting too much risk? The first step is to understand the business environment and then design controls to effectively manage the risks that can impair growth, profitability and reputation.

At inception, the business owner is often very hands-on and will have a feel for how everything is working. As the business grows, the owner has less time to personally monitor operations. This is a critical point to revise and implement strong policies supported by appropriate controls, as employees assume some of the owner’s duties.

Design a hiring process that attracts employees with an ethical compass that best matches your expectations. Ensure you know as much about prospective employees as possible. Identify gaps in their resumés, as they might indicate a previous problem. If hiring someone with key responsibility, complete a thorough credit and criminal record check along with Internet searches for negative news stories or postings, and verify.

The development of controls at a point in time is not the end of the story. Businesses change and evolve, and so should controls. This is not limited to internal changes in process. Consider external factors such as changes in regulations, accessing foreign markets and changes in technology.

Computers and Internet connectivity have increased organizations’ exposure to fraud. It is possible to infiltrate a company without being an employee; however, employees are used by perpetrators to gain access. This can be done through phishing emails, computer hacking or downloading of applications containing malware. Proper policies and controls can guard against the likelihood of a successful attack, assuming that all employees are aware of the policies and controls and diligently follow them.

Even if proper policies and controls exist, they will not be effective sitting on a shelf or in an employee’s inbox. Too often, a control is carefully designed but is not followed because the employee is not aware of the control, does not understand the control and therefore ignores it or is simply too busy to properly complete all the steps. Communication and education are critical for creating an environment where key controls are respected.

Once controls are developed and implemented, it is incumbent on management to regularly check that the procedures are being followed. For example, maximum speed signs are posted on all major roadways, but there is still a need for police to remind drivers to obey the speed limit. If employees know that management is checking compliance with policies and controls, they will more likely follow them. Additionally, if employees do not understand the relevance of a task, they are less likely to complete it and more likely to spend time on other activities that result greater perceived value.