Department of Homeland Security Issues Warning about Potential Cyber-attacks and Civil Protests from Hacking Group “Anonymous”
Cyber-hacking groups have gotten the attention of the Department of Homeland Security, which recently issued a warning about potential cyber-attacks and civil protests from the hacking group known as “Anonymous.”
The bulletin from the DHS National Cyber-Security and Communications Integration Center warned financial services companies to be aware of attackers operating under the Anonymous agenda to “solicit ideologically dissatisfied, sympathetic employees” to the cause.
The group recently went on Twitter to persuade employees within the financial sector to hand over information and access to enterprise networks. Though it seems such attempts may not have been unsuccessful, the DHS bulletin warned, “unwilling coercion through embarrassment or blackmail may be a risk to personnel.”
The first attack, titled “Occupy Wall Street,” is scheduled for September 17 and hopes to get 20,000 individuals to gather on Wall Street to protest various U.S. government policies.
The call for protest, issued through an Anonymous video on YouTube, asked followers to “flood into lower Manhattan, set up tents, kitchens, peaceful barricades and occupy Wall Street for a few months.” Similar rallies targeting other financial districts are planned for Madrid, Milan, London, Paris and San Francisco.
The DHS warning said another protest may be planned for October on the National Mall in Washington to mark the 10th anniversary of the American invasion of Afghanistan. That protest, DHS said, may be followed by Operation Facebook on November 11 in protest of the social media company’s alleged privacy violations, and by Project Mayhem, which could bring physical disruptions and cyber-attacks, scheduled for December 21, 2012.
The unclassified DHS document was addressed mainly to those in charge of cyber security and critical infrastructure protection, and it warns that Anonymous brags that it will use new tools in launching future cyber-attacks. One piece of software that has caught the attention of the information security community is called #RefRef, which is said to be capable of using a server’s resources and processing power to conduct a denial of service attack against itself, paralyzing the network.
SecurityOrb.com advises those who are in charge of cyber security and critical infrastructure protection to verify the integrity of their organization’s security controls and to increase logging capabilities with an emphasis on analysis.
Conducting security awareness training to inform users of the situation, of their responsibilities and of the appropriate use of company equipment is also helpful.
DigiNotar Related Articles
DigiNotar Breach Affected 531 Certificates
A preliminary analysis of the incident now claims that there have been 531 fraudulent certificates. The hackers may have explored DigiNotar’s servers for the first time in early June and gained control on June 17. The company detected the hack on June 19, but failed to prevent the creation of the first rogue certificate on July 2. The hacker activity apparently ended on July 22.
GlobalSign Says No New Certificates, Pending Investigation
“GlobalSign takes this claim very seriously and is currently investigating,” according to a statement released by the company, which is the fifth-largest CA. “As a responsible CA, we have decided to temporarily cease issuance of all Certificates until the investigation is complete. We will post updates as frequently as possible.”
Deleting the DigiNotar CA certificate
Comodohacker returns in DigiNotar incident
A hacker known as Comodohacker has taken responsibility for the recent attack against Dutch certificate authority DigiNotar and is now threatening to release fake security certificates for other companies that he has hacked.
Google One of Many Victims in SSL Certificate Hack
A Dutch company that issues digital certificates used to authenticate websites said late Tuesday that several dozen other websites in addition to Google have been affected by a security breach.
Discounted Online Security Training with SANS vLive!
SEC401: SANS Security Essentials – Buy One Get One Free!
SANS is excited to announce a very special offer: Register two students for vLive! SEC401 (beginning October 11, 2011) for the price of one!
Click here for more information: https://www.sans.org/vlive/specials.php
Remember, if you don’t need SANS Security Essentials right now, you can still save $150 on any other SANS course by using discount code Connect_SecOrb.
BSD Magazine: Protecting Dynamic Websites in FreeBSD
The latest issue of BSD magazine is available: Protecting dynamic websites in FreeBSD.
Darrel Levitch has an article about installing and configuring DNSSEC for small networks using Unbound. The Developers Corner is very PC-BSD oriented this month, with two articles written by Kris Moore and Dru Lavigne focusing on how easy it is to update your PC-BSD and how to back it up to FreeNAS with Life Preserver.
ARTICLES IN THIS ISSUE:
DNSSEC resolution and IPv6 Unbound on FreeBSD 8.2
Darrel Levitch
Unbound runs on FreeBSD, OpenBSD, NetBSD, Linux, and Microsoft Windows. It provides a reasonably simple way to implement DNSSEC in a local-area network. With Unbound, forward and reverse resolution is possible for small networks where IPv6 is implemented.
Keeping up to date in PC-BSD 9
Kris Moore
Since the early days of PC-BSD, there have been various GUI mechanisms for performing critical system and security updates.
Using Life Preserver to Backup a PC-BSD 9.0 System to FreeNAS™ 8.0.1
Dru Lavigne
This article demonstrates how to use the built-in Life Preserver program to back up a PC-BSD 9.0 desktop system to a FreeNAS™ 8.0.1 NAS system. Users can refer to the Guides at http://wiki.pcbsd.org/index.
Recovering data with hammer
Justin C. Sherrill
We’ve all experienced instant regret. That’s the feeling that comes within a second of executing a command like “rm -rf * .txt” (note the space) or of cutting the wrong cluster of wires at the end of a long conduit. Not that I am quoting from experience, or anything like that, no…
Apache2, php5, mysql5, modsecurity2.5 installation and configuration in order to protect dynamic websites from various attacks, in FreeBSD 8.2
Stavros N. Shaeles
In recent years there has been a tremendous increase in dynamic websites and CMSs using PHP. A very large piece of the market for these websites is served by the Apache web server using MySQL as the database, mainly on Unix systems. This tremendous growth of PHP in dynamic websites and open-source CMSs like Joomla has also increased hacker attacks that aim to compromise a website or hack the server to use it in a botnet. So one may wonder: is there anything that can protect my websites apart from backups and upgrading our system and software? The answer is yes.
MySQL Unleashed!
Sufyan bin Uzayr
We explore some tips and tricks that you can use to gain better performance with MySQL.
Terminal Descriptions for OpenBSD AMD/Intel consoles
Alexei Malinin
In this article I would like to describe the results of my work of tuning OpenBSD consoles for AMD/Intel PCs. These results are also applicable to computers with the same hardware architecture (amd64 or i386, see http://www.openbsd.org/plat.
(Ab)using VideoLAN: Learn what you can do with your video and audio using powerful VideoLAN command line interface
Michael Bushkov
Dealing with video and audio data is part of our everyday life. Sometimes, though, we need to do things that fall into the “advanced” category. What tools should we use then?
NetBSD Intrusion Detection Server. How can we describe the functions of such a server?
Svetoslav Chukov
Sometimes special types of systems need to be running on the server. This server will serve different purposes; it will take care of the network security.
SANS Chicago 2011
SANS comes to downtown Chicago, October 23-28. This event offers our top instructors and an intimate opportunity to learn, network, and practice the hands-on skills that will boost your career.
The new Audit407: The Foundations of Auditing Information Systems will be taught at SANS Chicago 2011. It’s a prequel to the SANS Audit 507 course and is meant to prepare auditors with the baseline of knowledge necessary to take them from being just a security professional to being an effective IS auditor. AUD407 will be taught by SANS Senior Instructor James Tarala.
Please note that MGT525 is one of our offerings. This is a rare opportunity to take this PMI course at a regional training event.
SANS MGT525 Project Management course has a strong focus on effective communication, risk analysis, continuous monitoring, and utilizes project case studies that highlight information technology services as deliverables.
SANS MGT525 is approved by the Project Management Institute as a PMI Registered Education Provider. The course provides specific techniques for success with information assurance initiatives. Following the SANS promise, participants leave this course with specific tools that can be applied the day you get back to the office!
MGT525 is taught by author and instructor Jeff Frisk.
SANS @Night talks that will be included with your registration:
• Computer Forensics In The Virtual Realm – Paul Henry
• It’s Time to Rethink Everything: A Governance, Risk, & Compliance (GRC) Primer – James Tarala
• Electrical Grid Security – Peter Szczepankiewicz
Click here for more information regarding SANS Chicago 2011: http://www.sans.org/info/85834
*** Use the following promo code to receive $150 off your registration: Connect_SecOrb ***
SANS Baltimore 2011, Baltimore, MD, Save $250 until September 7
This is your final reminder that SANS will be hosting hands-on security
management, technical security, and computer forensics training at SANS
Baltimore 2011 October 9-15! * Register & pay for any five- or six-day
course by Wednesday, September 7, 2011, to receive up to a $250 discount
and get the best computer security training money can buy. Have you
registered yet? (http://www.sans.org/info/
We are offering a rare opportunity for those managers and leaders who
need Security training to take 2 courses at this event. First, take
MGT512 and then add MGT535 on October 14-15. MGT535 was added to the
lineup recently as a beta for this course. Read on:
NEW – Management 535: Incident Response Management with Eugene Schultz,
Ph.D., SANS Certified Instructor – This is a special beta course whose
materials are still being fine-tuned. We are offering it at a discount
at this event in exchange for the students’ detailed feedback, which
will help us improve and finalize the course’s content and exercises.
You can take this course right after MGT512 for a unique security
management training opportunity.
First things first – make your choice for the following 5- and 6- day
Infosec courses in security, security management, and computer forensics
with certifications for managers and technical staff alike.
Choose from the following courses:
– Security 401: SANS Security Essentials Bootcamp Style * (GSEC) with
Tanya Baccam
http://www.sans.org/info/85429
– Management 512: SANS Security Leadership Essentials for Managers with
Knowledge Compression(TM) * (GSLC) with Eugene Schultz, Ph.D.
http://www.sans.org/info/85434
– Security 560: Network Penetration Testing and Ethical Hacking (GPEN
and Cyber Guardian Baseline Courses) with John Strand
http://www.sans.org/info/85439
– Forensics 508: Advanced Computer Forensic Analysis and Incident
Response (GCFA and Cyber Guardian Baseline Courses) with Hal Pomeranz
http://www.sans.org/info/85444
Friday, October 14, 2011 – Saturday, October 15, 2011
– Management 535: Incident Response Management with Eugene Schultz,
Ph.D., SANS Certified Instructor
http://www.sans.org/info/85449
* Courses that align with DoD 8570 Directive
All of our five- and six-day courses offered at SANS Baltimore 2011 have
a GIAC Certification available. Take advantage of the opportunity to put
the skills you’ll learn to practical use and join more than 38,000 GIAC
certified professionals who make the Infosec industry safe!
Certifications are identified in the list above inside the parentheses.
Visit the GIAC Web site for more information and register for your
certification attempt today! (http://www.giac.org/info/
Earn your Master’s Degree at SANS Technology Institute (STI). LINK to
here: http://www.sans.edu/academics. Take classes in Information
Security Management (MSISM) or Engineering (MSISE). Click here
http://www.sans.edu/info/80719 for the downloadable Application form.
Apply today!
And don’t forget – the last day to get the discounted SANS room rate at
the Hilton Baltimore ($215 S/D) is September 19, 2011. The Hilton
Baltimore is in the downtown Inner Harbor district right near Camden
Yards. Government per diem rooms are available with proper ID. You must
call the hotel and specifically ask for this rate. These rates will
include high-speed Internet in your room. To make reservations please
call 1-800-HILTONS.
SANS training is well-known for being relevant and pragmatic. All SANS
award-winning instructors are industry leaders and experts who
understand the challenges you face on a daily basis. Their real-world
experience increases the practical value of the course material. Here
are some comments from recent alumni:
“If you want to understand and apply security, you need to attend a SANS
conference.” – John Penrose, Gore Mutual Insurance Company
“Conference was filled with great presenters who are top experts in
their corresponding fields. Great class!” – Dave Atkinson, SCMC
“This was the best IT training I have attended. I am confident the tools
and knowledge I learned this week will prove helpful.” – Sarah Hesters,
Southeast Alabama Regional Planning and Development Commission,
So let your colleagues and friends know about SANS Baltimore 2011. We
look forward to seeing you all there! Register today at
http://www.sans.org/info/85424
Kind regards,
Stephen Northcutt
President
SANS Technology Institute, a post graduate computer security college
