

drew
Automatic
Premium
join:2002-07-10
Port Orchard, WA
kudos:6

3 recommendations

The "Red October" Campaign

»www.securelist.com/en/blog/785/T···Agencies

Quite the write-up.

Some key points:
• Vulnerabilities that have long since been patched continue to be exploited today.
• The Advanced Persistent Threat exists.
• Users continue to play a huge role in letting malware invade an information system.
--
flickr | 'Cause I've been waiting, all my life just waiting
For you to shine, shine your light on me



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

1 recommendation

Re: The "Red October" Campaign

Java exploit used in Red October cyberespionage attacks, researchers say.
»www.cso.com.au/article/446570/ja···ers_say/
Every Month is Red October
»www.f-secure.com/weblog/archives···486.html
Red October cyber-espionage campaign targeted high-level government entities for 5 years
»www.infosecurity-magazine.com/vi···5-years/
'Red October' Cyber Espionage Campaign Rivals Flame in Complexity
»www.securityweek.com/red-october···mplexity

--
You don't have to be a potential acquisition for us to want to work with you


Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1
reply to drew

I am guessing since it's known to exist, Red October is not exactly running silent any longer.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports



drew
Automatic
Premium
join:2002-07-10
Port Orchard, WA
kudos:6
reply to drew

I am saddened, although not surprised, at the lack of response this is getting here.

Is this really an InfoSec forum or more of a chat room?



AVD
Respice, Adspice, Prospice
Premium
join:2003-02-06
Onion, NJ
kudos:1

said by drew:

I am saddened, although not surprised, at the lack of response this is getting here.

Is this really an InfoSec forum or more of a chat room?

What do you want to say exactly?
Fortunately, or not, there is nothing earthshaking or revolutionary.
--
* seek help if having trouble coping
--Standard disclaimers apply.--


drew
Automatic
Premium
join:2002-07-10
Port Orchard, WA
kudos:6

Discussion about a long-standing, highly targeted attack against countries across the globe.

It's not a new set of 0days, nor is it a revolution in cybercrime. It, however, is not irrelevant.
--
flickr | 'Cause I've been waiting, all my life just waiting
For you to shine, shine your light on me



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to drew

‘Red October’ malware has snooped governments, diplomats since 2007

quote:
Security researchers have outed a malware espionage network believed to have been collecting documents from hundreds of high profile victims at government agencies, embassies and research organisations since 2007.

Researchers at Russian security vendor Kaspersky Lab have dubbed the espionage network "Red October", a still-active operation it says has targeted governments of 39 countries and appears to be aimed at gathering classified information and geopolitical intelligence.
Article


Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..

1 recommendation

said by siljaline:

‘Red October’ malware has snooped governments, diplomats since 2007

quote:
... Researchers at Russian security vendor Kaspersky Lab have dubbed the espionage network "Red October", a still-active operation it says has targeted governments of 39 countries and appears to be aimed at gathering classified information and geopolitical intelligence.
Article

It's kind of fascinating that 60% of Kaspersky's documented infections lie within pretty close proximity to China. The rest are scattered over the whole rest of the world. Mere coincidence, of course...
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

Also recently from Ars.
Why Red October malware is the Swiss Army knife of espionage
• »arstechnica.com/security/2013/01···pionage/
What's baffling is the depths of these types of cyber-espionage attacks and how they are implemented.
Gone are the days of running SpyBot and/or Ad-Aware to clean an infection, avoiding the obvious.



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to drew

Red October Attackers Shutting Down C&C Infrastructure.
»threatpost.com/en_us/blogs/red-o···e-011813



Triple Helix
Go Blue Jays Go
Premium
join:2007-07-26
Oshawa, ON
kudos:7
Reviews:
·Rogers Hi-Speed
reply to drew

Red October - Indicators of Compromise and Mitigation Data

Together with our partner, Kaspersky, we're releasing a whitepaper on the indicators of compromise that can be useful to detect and mitigate the threats from Red October. It contains indicators to detect most of the Red October activity in your systems and networks. Inside the whitepaper you will find snort rules as well as an OpenIOC file that you can use to check your systems for activity related to this cyber espionage campaign.

Full Story and links to the whitepaper: »labs.alienvault.com/labs/index.p···on-data/

TH
--
Triple Helix - Microsoft® MVP Consumer Security 2012/13
VIP Member Of ASAP - (Alliance of Security Analysis Professionals™)
Official Webroot SecureAnywhere (Prevx) Support Forum Helper.
(H59 Clan)