Saturday, January 19, 2013

The "Red October" Campaign

In October 2012, Kaspersky Lab’s Global Research & Analysis Team initiated new threat research after a series of attacks against the computer networks of various international diplomatic service agencies. The investigation revealed and analyzed a large-scale cyber-espionage network, which we called «Red October» (after the famous novel «The Hunt For The Red October»).

This report is based on detailed technical analysis of a series of targeted attacks against diplomatic, governmental and scientific research organizations in different countries, mostly related to the region of Eastern Europe, former USSR members and countries in Central Asia.

The main objective of the attackers was to gather intelligence from the compromised organizations, which included computer systems, personal mobile devices and network equipment.

The earliest evidence indicates that the cyber-espionage campaign has been active since 2007 and is still active at the time of writing (January 2013). In addition, registration data used for the purchase of several Command & Control (C&C) servers and unique malware filenames related to the current attackers hint at an even earlier period of activity, dating back to May 2007.

Main Findings

Advanced Cyber-espionage Network: The attackers have been active for at least several years, focusing on diplomatic and governmental agencies of various countries across the world.

Information harvested from infected networks was reused in later attacks. For example, stolen credentials were compiled into a list and used when the attackers needed to guess a secret phrase in other locations. To control the network of infected machines, the attackers created more than 60 domain names and several server hosting locations in different countries (mainly Germany and Russia). The C&C infrastructure is actually a chain of servers working as proxies and hiding the location of the ‘mothership’ control server.

Unique architecture: The attackers created a multi-functional kit whose intelligence-gathering features can be extended quickly. The system is resistant to C&C server takeover and allows the attackers to recover access to infected machines using alternative communication channels.

Broad variety of targets: Besides traditional attack targets (workstations), the system is capable of stealing data from mobile devices such as smartphones (iPhone, Nokia, Windows Mobile), enterprise network equipment (Cisco), and removable disk drives (including already deleted files, via a custom file recovery procedure).

Importation of exploits: The samples we managed to find used exploit code for vulnerabilities in Microsoft Word and Microsoft Excel that had been created by other attackers and employed in different cyber attacks. The attackers left the imported exploit code untouched, perhaps to make identification harder.

Attacker identification: Based on the registration data of C&C servers and numerous artifacts left in the malware's executables, we strongly believe that the attackers have Russian-speaking origins. The current attackers and the executables they developed were unknown until recently, and they have never been related to any other targeted cyberattacks.

More @ www.securelist.com

Thursday, January 17, 2013

Do Less: A Short Guide

 

By Leo Babauta

Many of us work in an endless stream of tasks, browser tasks, social media, emails, meetings, rushing from one thing to another, never pausing and never ending.

Then the day is over, and we are exhausted, and we often have very little to show for it. And we start the next day, ready for a mindless stream of tasks and distractions.

I am a fan of going against the stream of what most people do, and taking a step back. Is it really worth it? Is this the best way? Are we losing our lives to busy-ness and distraction?

What if we did less instead?

Of course, I’ve been suggesting doing less for six years here on Zen Habits, but it’s a topic worth revisiting, because it is so necessary. Today I offer a short guide to doing less, for those willing to give it a try.

The Benefits

I could probably write an entire book on the benefits of doing less, but here’s the short version:

  1. You accomplish more. No, you don’t get more done (you’re doing less, after all), but if you do less and focus on the important stuff, you actually achieve better results, more meaningful accomplishments. This is how I’m able to work less but still write hundreds of posts a year (on various sites), create ebooks and courses, and more.
  2. You have less anxiety. When you let go of the distractions and the non-essential, you free yourself from the fear that you need to do these things. You learn that your world doesn’t fall apart when you let these things go.
  3. You enjoy life more. Taking time to really focus on an important task, or enjoy the little things, rather than rushing through them, is much more enjoyable.
  4. You create time. When you do less, all of a sudden you have free time! What can you do with all that time? How about spend some time with loved ones, read, write, make music, exercise, cook healthy meals, start your own business, meditate, do yoga?

I’ll stop with those benefits — they’re sufficient for getting started. But I think you’ll discover others as you give this a try.

More @ Do Less: A Short Guide By Leo Thu, 17 Jan 2013 15:35:29 GMT

Tuesday, January 8, 2013

Recommended Readings