81 Percent Of Tor Clients Could Be Identified With NetFlow


Pierluigi Paganini from Security Affairs posted a great article about how Cisco NetFlow could possibly be used to identify Tor clients. The idea is that a NetFlow sensor could monitor a certain percentage of randomly generated Tor circuits and possibly link clients back to their users. The original post can be found HERE. Here is the post.

The research revealed that more than 81 percent of Tor clients can be de-anonymized by exploiting a new traffic analysis attack based on Netflow technology.

A team of researchers conducted a study between 2008 and 2014 on the de-anonymization of the Tor users, the team worked to disclose their originating IP addresses.


Ask A Question: New Feature Of This Blog

Hey everybody. I added a new section to this blog for asking questions (see the menu section Ask A Question). This will help organize the various types of questions I see and hopefully morph into a wiki-type page you can search for answers. I’ll moderate questions to remove spam, so anything is game as long as it makes sense for this blog.


North Korea Cyber Spies Exposed: Cell Bureau 121


Many people believe the Sony breach was caused by North Korea’s Cell Bureau 121. As a follow-on to my last post on the Sony incident, I am adding a fantastic post from The Independent covering Cell Bureau 121. The original post can be found HERE.

With North Korea’s ability to hack the most sophisticated computer systems in the world under scrutiny, a secretive cyber-warfare cell called Bureau 121 has come to light.


Free FSU Online Security Classes: Offensive Computer Security


The Computer Science department at Florida State University is offering free computer security class lectures. You can find the entire CIS4930 and CIS5930 courses online HERE. These are the Spring 2014 classes so the content is pretty current. There are 26 lessons ranging from lock picking to launching attacks with Metasploit. Videos include lecture slides to download.


Cisco Announces Intent to Acquire Neohapsis


Cisco announced yesterday that they intend to acquire Neohapsis. Neohapsis is a security, risk and compliance company, which makes this a very interesting move by Cisco. Many people not only want data from security reports, but also want to know how that data will impact their business. This means how changes or risk can impact compliance with mandatory regulations, as well as how much impact a vulnerability could have on a system. Neohapsis is a services-based company, so this seems to be a security services play, yet it could also trickle into Cisco products. It would be really cool to see more compliance-based reporting in future Cisco products as an outcome of this acquisition.

You can find more about Neohapsis HERE.

The official announcement from Cisco can be found HERE.


Sony Pictures Hacked: The Full Story


The Verge has done a fantastic job covering the Sony Pictures Hacked story (found HERE). Below is a summary; however, you should go to the Verge.com to see each article showing the timeline of the attack.

A successful attack on Sony Pictures’ computer systems threw the entire studio into disarray in late November. The hijackers’ identity and motivation remain unclear, though in the days following the attack, evidence has surfaced to suggest it originated in North Korea. Rather than attempting to steal money or otherwise profit from the information it obtained, this hack seems to be focused on making life difficult for Sony Pictures employees. They have been subjected to threats from the hacking group, which has posted much of the data it collected from the studio’s servers to the web. Follow this storystream for the latest developments to the story.

MAJOR UPDATES

Go HERE to see the timeline of events associated with the attack.


Interesting Story On Cicada 3301 – Code-Breakers Challenge


The Telegraph posted a really cool article on the mysterious online organization called Cicada 3301 that has been posting puzzles for skilled cryptographers to crack. Is it a recruiting tactic by a government organization such as NASA or the CIA, or an elite underground hacker group? What happens when you break all of the puzzles? You can read the original post HERE.

Here is the story from the Telegraph:

For the past two years, a mysterious online organisation has been setting the world’s finest code-breakers a series of seemingly unsolveable problems. But to what end? Welcome to the world of Cicada 3301


Detecting Malware With ThreatGRID Overview


Cisco acquired ThreatGRID, the leader for identifying day zero threats, around May of 2014. ThreatGRID’s statement, “The First Unified Malware Analysis and Threat Intelligence Solution,” sounds like a mouthful; however, it represents its purpose of going beyond what most “sandbox” technologies accomplish in this market space. What is also interesting is that this technology is being moved into other Cisco security offerings now that they are part of Cisco’s breach detection strategy.
