State Hacks


China / Huawei


Stuxnet


Regin


Mask


Flame

  • New version of Flame malware discovered.  [Schneier]  [Motherboard]
  • Flame Windows Update attack could have been repeated in 3 days, says Microsoft.  [Wired]
  • Flame Q&A.  [Kaspersky]
  • US fingered for Flame attack on Elysee Palace.  [The Register]
  • New spying program linked to Flame authors.  [Stuff]
  • Flame espionage weapon linked to more mystery malware.  [The Register]  [Ars Technica]  [Engadget]  [Reuters]  [SecureList]  [Symantec]
    • Kaspersky: Flame has three unidentified malware siblings.  [THG]
  • Flame worm's makers fail to collect Epic 0wnage award.  [The Register]
  • Microsoft kills more code-signing certs to stop Flame-like attacks.  [Ars Technica]
  • Sometimes it's hard to get rid of an old Flame.  [Juniper]  [SecurityWeek]
  • US accused of using Flame to try to cripple Iran's economy.  [DailyTech]
  • Unique insight into Flame malware.  [OpenDNS Blog]
  • Flame was scout ahead of Stuxnet attack on Iran nukes -- US spooks.  [The Register]
  • Report: US and Israel behind Flame espionage tool.  [Wired]
  • Windows updated with better checking for bad digital certs after Flame malware incident.  [Engadget]
  • Flame's crypto attack may have needed $200k worth of compute power.  [Ars Technica]
  • Flame and Stuxnet link found.  [BBC News]  [Ars Technica]  [The Register]
  • Crypto-breakthrough shows Flame was designed by world-class scientists.  [Ars Technica]
  • Flame gets suicide command.  [The Register]  [HardOCP]  [ZDNet]
  • Flame's "god mode cheat mode" wielded to hijack Windows 7, Server 2008.  [Ars Technica]
  • Flame hijacks Microsoft Update to spread malware disguised as legit code.  [Gizmodo]
  • Flame malware wielded rare "collision" crypto attack against Microsoft.  [Ars Technica]
  • Flame.  [Schneier]
  • Why antivirus companies like mine failed to catch Flame and Stuxnet.  [Wired]  [Ars Technica]
  • Microsoft certification authority signing certificates added to Untrusted Certificate Store.  [Microsoft]
  • 'Super-powerful' Flame worm actually boring bloatware.  [The Register]
  • Super-powerful Flame worm could take years to dissect.  [The Register]
  • Meet 'Flame', the massive spy malware infiltrating Iranian computers.  [Wired]
  • Info-stealing malware takes Flame war to new level of cyber weapon.  [ComputerWorld]
  • Global wave of Flame cyber attacks called staggering.  [phys.org]
  • Flame: massive cyber attack discovered, researchers say.  [BBC News]
  • Complex cyberwar tool 'Flame' found all over Middle East.  [The Register]

Related / Useful Articles

  • FBI, Homeland Security detail how Iranian hackers stole US voter data.  [Engadget]
  • Six Russians accused of the world’s most destructive hacks indicted.  [Ars Technica]
  • Russia’s Fancy Bear hackers likely penetrated a federal agency.  [Ars Technica]  [Engadget]
  • Iranian government hacking Android.  [Schneier]  [NYT]
  • Russian state hackers targeting presidential campaigns.  [Ars Technica]
  • North Korean hacking gang targets banks worldwide.  [Graham Cluley]
  • North Korea’s Lazarus brings state-sponsored hacking approach to ransomware.  [Ars Technica]
  • Russia’s GRU hackers hit US government and energy targets.  [Ars Technica]
  • UK Government chose not to investigate if Russian hackers interfered in Brexit referendum.  [Graham Cluley]
  • Nation-state espionage campaigns against Middle East defense contractors.  [Schneier]  [WeLiveSecurity]
  • An advanced and unconventional hack is targeting industrial firms.  [Ars Technica]
  • Russia is trying to tap trans-Atlantic cables.  [Schneier]  [The Times]
  • Why the NYT thinks Russia hacked Burisma.  [The Verge]
  • Experts find evidence Russians hacked Ukrainian gas company.  [Engadget]
  • Iranian hackers have been ‘password-spraying’ the US Grid.  [Wired]
  • Iranian attacks on industrial control systems.  [Schneier]  [Ars Technica]
  • Iran says it staved off cyber attack but doesn't blame US.  [The Register]
    • Iran 'foils second cyber-attack in a week'.  [BBC News]
  • Iranian wiper discovered in attacks on Middle Eastern companies.  [Ars Technica]
  • Russian state hacker crew caught uploading malware to Google Play Store.  [The Register]
  • Iranian hacking crew is targeting industrial control systems.  [Wired]
  • Russia against hacker extradition.  [Krebs]
  • Tipped off by an NSA breach, researchers discover new APT hacking group.  [Ars Technica]
  • Russia’s Fancy Bear hackers conduct “significant cyberattacks” on anti-doping agencies.  [Ars Technica]
  • Details of the Olympic Destroyer APT.  [Schneier]  [Wired]
  • New Reductor nation-state malware compromises TLS.  [Schneier]  [Kaspersky]
  • Russian hackers modify Chrome and Firefox to track secure web traffic.  [Engadget]
  • New research into Russian malware.  [Schneier]  [ZDNet]
  • Supply chain security and trust.  [Schneier]
  • Russians hack FBI comms system.  [Schneier]  [Yahoo News]
  • New advanced malware, possibly nation sponsored, is targeting US utilities.  [Ars Technica]
  • Hackers broke into a contractor for Russia's spy agency.  [Engadget]  [Schneier]  [ZDNet]
  • US took down Iranian drone using new jammer technology.  [Engadget]
  • Microsoft warns 10,000 customers they’re targeted by nation-sponsored hackers.  [Ars Technica]
  • Mobile networks hacked by probably nation-state attackers.  [Schneier]  [TechCrunch]
  • US Cyber Command: Iran hitting Outlook email flaw.  [The Register]
  • Iranian state hackers reload their domains, release off-the-shelf RAT malware.  [Ars Technica]
  • US Cyber Command has reportedly been aggressively targeting Russia’s electrical grid.  [The Verge]  [Engadget]
  • Triton hackers behind dangerous oil and gas intrusions are probing US power grids.  [Ars Technica]  [Wired]
  • Google confirms that advanced backdoor came preinstalled on Android devices.  [Ars Technica]
  • Iranian cyberespionage tools leaked online.  [Schneier]  [ZDNet]
  • Triton malware targets industrial control systems.  [Schneier]  [MIT Technology Review]
  • GCHQ: Chinese tech 'threats' must be understood.  [BBC News]
  • Australian political parties hit by 'state actor' hack.  [BBC News]  [NZ Herald]  [The Register]  [The Verge]
  • State-sponsored cyber attacks on the rise.  [Stuff]
  • US will map and disrupt North Korean botnet.  [Engadget]  [Ars Technica]
  • China's APT10.  [Schneier]  [Wired]
  • GCSB: Chinese commercial espionage reaches into NZ.  [NZ Herald]
  • How scammers in China manipulate Amazon and its shoppers.  [HardOCP]  [WSJ, YouTube]
  • Chinese hackers are targeting U.S military contractors.  [HardOCP]  [WSJ]
  • NSA official: China is preparing for possible high-profile hacks.  [Engadget]
  • Russian hackers haven't stopped probing the US power grid.  [Wired]
  • How did Iran find CIA spies?  They Googled it.  [Ars Technica]  [The Register]
  • Chinese spies orchestrated massive hack that stole aviation secrets.  [Ars Technica]  [Engadget]
  • China's hacking of BGP.  [Schneier]  [USF]  [HardOCP]  [NZ Herald]
  • Russia hacks Saudi oil and gas plant.  [The Register]
  • Chinese supply chain hardware attack.  [Schneier]  [Bloomberg]  [Android Police]  [ExtremeTech]  [The Verge]  [DC Knowledge]
  • How Russian spies infiltrated hotel WiFi to hack victims up close.  [Wired]  [Ars Technica]
  • North Korea turns to APT hack attacks for cash.  [The Register]
  • Russia's elite hackers have a clever new trick that's very hard to fix.  [Wired]
  • Researchers find Russian “VPNfilter” malware was a Swiss Army hacking knife.  [Ars Technica]
  • CIA network exposed through insecure communications system.  [Schneier]  [Foreign Policy]
  • Former NSA top hacker names the filthy four of nation-state hacking.  [The Register]
  • State governments warned of malware-laden CD sent via snail mail from China.  [Krebs]  [Engadget]
  • Kremlin hackers 'jumped air-gapped networks' to own US power utilities.  [The Register]
  • New report on Chinese intelligence cyber-operations.  [Schneier]  [401 TRG]
  • China-based hackers burrow inside satellite, defense, and telecoms firms.  [Ars Technica]  [Wired]
  • US Government warns of more North Korean malware attacks.  [Graham Cluley]
  • Chinese hackers stole undersea warfare data from US Navy contractor.  [Engadget]  [The Verge]
  • Russia appears to be 'live testing' cyber attacks.  [The Register]
  • FBI seeks to thwart cyber-attack on Ukraine.  [BBC News]
    • Ukraine claims it blocked VPNFilter attack at chemical plant.  [The Register]
  • Chinese government is behind a decade of hacks on software companies.  [Ars Technica]  [Engadget]
  • US and UK warn that Russia has been hacking routers worldwide.  [Engadget]  [Graham Cluley]  [The Register]  [Graham Cluley]  [Voxy]  [Dark Reading]  [HardOCP]  [The Hill]  [Ars Technica]  [Krebs]  [ExtremeTech]
  • Guccifer 2.0’s schoolboy error reveals he’s hacking from Moscow.  [Graham Cluley]  [Wired]
  • Russia hacked the Olympics and tried to pin it on North Korea.  [Engadget]  [The Verge]  [Schneier]
  • APT37: the toolset of an elite North Korean hacker group.  [Wired]
  • NSA sent coded messages through Twitter.  [Engadget]
  • Numbers stations: The 'spy radio' that anyone can hear.  [BBC News]
  • North Korea is barely wired, so how did it become a global hacking power?  [NZ Herald]
  • How Dutch intelligence spied on the Russian hackers attacking the DNC.  [Graham Cluley]  [ExtremeTech]  [NZ Herald]
  • What would really happen if Russia attacked submarine cables.  [Wired]
  • German spy agency warns of Chinese LinkedIn espionage.  [BBC News]
  • Symantec discovers new cyber espionage group targeting governments.  [Voxy]
  • Stuxnet-style code signing is more widespread than anyone thought.  [Ars Technica]
  • Iran blamed for cyberattack on UK parliament.  [Engadget]
  • North Korean hackers allegedly probing US utilities for weaknesses.  [The Register]
  • US pressured North Korea by overwhelming hackers with data traffic.  [Engadget]  [Ars Technica]
  • New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies.  [Graham Cluley]  [The Register]
  • Spyware deployed in state-sponsored attacks against India and Pakistan.  [Graham Cluley]
  • A guide to Russia’s high tech tool box for subverting US democracy.  [Wired]
  • Attack on Ireland’s state-owned power provider blamed on state-sponsored hackers.  [Graham Cluley]
  • Wired's guide to Russia's infrastructure hacking teams.  [Wired]
  • Russian hackers target the US nuclear industry.  [Engadget]  [HardOCP]  [NYT]
  • Obama reportedly ordered implants to be deployed in key Russian networks.  [Ars Technica]
  • US: North Korea's Hidden Cobra group behind eight years of hacks.  [Stuff]  [Gizmodo]  [Engadget]  [The Register]  [THG]
    • NSA believes North Korea was responsible for WannaCry ransomware attacks.  [The Verge]  [BBC News]  [Schneier]
    • North Korea's sloppy, chaotic cyberattacks also make perfect sense.  [Wired]
    • US-CERT Warns North Korea Has Stepped Up Cyberattacks.  [ExtremeTech]
  • “Crash Override” malware that triggered Ukrainian power outage.  [Ars Technica]  [The Register]  [NZ Herald]  [Stuff]  [HardOCP]  [WeLiveSecurity]  [Dragos]
    • Watch hackers take over the mouse of a power-grid computer.  [Wired]
  • Where Russian spies hide their control servers.  [Ars Technica]
  • North Korean cyberwar capabilities.  [Schneier]  [Reuters]  [NZ Herald]  [Stuff]
  • We are not done with state-sponsored hacking.  [Russ White]  [Monday Note]
  • Criminals getting closer to state actors.  [Russ White]  [Halbheer]
  • Attack vs defense in nation-state cyber operations.  [Schneier]  [Cornell]
  • Malware 'disguised as Siemens firmware drills into 10 industrial plants'.  [The Register]
  • The US has been conducting offensive cyberattacks against North Korea.  [Schneier]  [NYT]
  • Duqu malware techniques used by cybercriminals.  [Schneier]  [SecureList]  [Ars Technica]
  • Definitely not another Stuxnet, researchers claim as they demo industrial control rootkit.  [The Register]
  • Yet another government-sponsored malware.  [Schneier]
  • Stuxnet-like "Irongate" malware discovered.  [Schneier]  [FireEye]  [Motherboard]  [Dark Reading]
  • Air-gapping SCADA systems won't help you, says man who knows.  [The Register]
  • Inside the unprecedented hack of Ukraine’s power grid.  [Wired]
  • Massive US-planned "Nitro Zeus" cyberattack against Iran went well beyond Stuxnet.  [Ars Technica]
    • 'Nitro Zeus' was a massive cyber attack plan aimed at Iran if nuclear negotiations failed: report.  [Jalopnik]
  • Kaspersky Lab reveals Duqu 2.0 attack on itself during Iran nuke talks.  [The Register]  [THG]  [Wired]  [Graham Cluley]  [HardOCP]  [BBC News]  [Schneier]
    • Duqu 2.0: 'Terminator' malware that pwned Kaspersky could have come from Israel.  [The Register]
    • Duqu 2.0 malware buried into Windows PCs using 'stolen Foxconn certs'.  [The Register]  [Ars Technica]  [Wired]
  • A cyberattack has caused confirmed physical damage for the second time ever.  [Wired]  [Gizmodo]  [Schneier]
  • Active malware operation let attackers sabotage US energy industry.  [Ars Technica]  [Gizmodo]  [Symantec]
    • Dragonfly hackers target 1000 Western energy firms, industrial control systems.  [Graham Cluley]  [DailyTech]
  • Attackers fling Stuxnet-style RATs at critical control software in Europe.  [The Register]
  • New cyber-attack model helps predict timing of the next Stuxnet.  [Ars Technica]
  • SCADA security is better and worse than we think.  [The Register]
  • Decade-old espionage malware found targeting government computers.  [Ars Technica]  [ThreatPost]
  • SCADA honeypots attract swarm of international hackers.  [The Register]
  • Gauss.  [Schneier]  [Ars Technica]
  • Eugene Kaspersky and Mikko Hypponen talk Red October and the future of cyber warfare.  [TechCrunch]
  • 'Red October' cyber attack found by Russian researchers.  [BBC News]  [Gizmodo]  [Kaspersky]  [TrustedReviews]  [THG]
  • Iranian computers targeted by new malicious data wiper program.  [Ars Technica]  [WSJ ATD]
    • Iran responds to new "Stuxnet-like" cyber attack.  [WSJ ATD]  [HardOCP]  [AP]
  • Malware spy network targeted Israelis, Palestinians.  [Krebs]
  • A Stuxnet future?  Yes, offensive cyber-warfare is already here.  [ISN]
  • DDoS attacks on major US banks are no Stuxnet -- here's why.  [Ars Technica]
  • More malware targeting Iran could yet be discovered.  [BBC News]
  • The perfect crime: is Wiper malware connected to Stuxnet, Duqu?  [Ars Technica]  [Wired]
  • New virus linked to Stuxnet found.  [HardOCP]  [STL Today]  [Ars Technica]  [Wired]
  • Siemens squashes Stuxnet-like bugs in SCADA kit.  [The Register]
  • New Mahdi strain of spyware targets Iran and Israel.  [ReadWriteWeb]
    • Move over, Flame: new Messiah-themed malware targets Iran and Israel.  [Ars Technica]
  • The failure of anti-virus companies to catch military malware.  [Schneier]  [Wired]  [The Register]
  • Stuxnet expert calls US the "good guys" in cyber-warfare.  [Ars Technica]
  • Stuxnet ≠ cyberwar, says US Army cyber command officer.  [The Register]
  • Researchers show how easy a new Stuxnet-like attack can be.  [WSJ ATD]
  • There's a new version of the Stuxnet-esque Duqu trojan floating around and nobody knows what it does.  [Gizmodo]
  • Duqu trojan used 'unknown' programming language: Kaspersky.  [CBR]
    • Duqu mystery language solved with the help of crowdsourcing.  [Wired]
  • A Valentine's Day present for SCADA companies: new exploit tools.  [Ars Technica]
  • Stuxnet weapon has at least 4 cousins: researchers.  [Reuters]
  • From the man who discovered Stuxnet, dire warnings one year later.  [CS Monitor]
  • US reveals Stuxnet-style vuln in Chinese SCADA 'ware.  [The Register]
  • Kaspersky claims 'smoking code' linking Stuxnet and Duqu.  [The Register]
  • Microsoft squashes Duqu threat with Windows patch.  [Ars Technica]
  • Microsoft airs temporary fix to defeat Duqu worm.  [DailyTech]
  • Nasty 'Duqu' worm exploits same Microsoft Office bug as Stuxnet.  [DailyTech]  [Ars Technica]
  • Researchers warn of new Stuxnet worm.  [BBC News]
  • New malware: Duqu.  [Schneier]
  • Son of Stuxnet discovered.  [The Register]  [Wired]

Robert Larsen,
4 Jan 2012, 13:57