Show Notes:

Get TechSNAP on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox





TechSNAP 100 Limited Edition Shirt:

Limited time left on our limited run TechSNAP 100 T-shirt!

Oracle releases another Java Critical Patch Update

• As discussed previously, Oracle accelerated Java 7u13 from its planned release date of Feb 19th to Feb 1st due to the flaws it fixed being exploited in the wild
• According to Oracle, this caused a number of fixes to not make the cut and so they have released Java 7u15 on the originally scheduled date to address those flaws
• The patch includes fixes for 5 vulnerabilities, 3 rated with a CVSS score of 10/10
• Patch Notes

---

Facebook and Apple compromised by Java exploit

• A watering hole attack was successfully executed against Facebook, Apple and other mobile developers
• Malware was found on the iPhoneDevSDK web forum. The site was apparently compromised by the attackers and the java applet was injected into the HTML to infect members of the site
• The zero-day exploit that was used is one of the ones patched in Java 7u13, and may have been the biggest reason behind Oracle accelerating the release of that patch
• The exploit used separate payloads to compromise machines running either Windows or MacOS
• This is one of the most widespread and successful attacks against Mac OS, and underscores the fact that with the growing popularity, OS X has become a real target for malware authors
• This may provide insight into the reasoning behind Twitter’s comments about disabling java in their announcement when 250,000 twitter users’ accounts were compromised
• It was also likely the reasoning behind Apple’s disabling of outdated java on all versions of OS X that upset some users
• The most worrying part of this attack is that it might have gone undetected if it were not for the Facebook Security Team finding suspicious activity on their internal network, including DNS queries to almost legit looking domains (Apple spelled wrong, a fake cloud storage service, etc)
• 100s or 1000s of other mobile app developers’ machines may have been compromised, and through them, the source code for their applications, meaning that there may be apps in your favourite app store containing code not but there by the author, but by an attacker
• It is recommended that anyone who visited the forum check their computers, and also check the revision history of their source code repositories and look for any unauthorized changes
• Facebook Announcement
• Additional Coverage
• Additional Coverage

---

Punkbuster service goes offline, taking down online game servers for 100s of games

• Punkbuster is an online anti-cheating/hacking service, that can take screenshots of gaming sessions and provide md5 hashes of files in the game directory to prove that files have been altered or that cheats are being used. Punkbuster also runs a blacklisting service which bans your hardware hash from all games that use the service
• The service is used by many online games, especially from publishers such as EA, Ubisoft and Activision
• On Wednesday February 13th, the Punkbuster service went down, making it impossible for gamers to connect to any server with the service enabled (all official and ranked servers are required to run Punkbuster)
• This again highlights the problems with replying on a 3rd party provider for critical services
• At the same time, if each studio or publisher had to maintain their own system, the service level may be worse, as the studios are unlikely to maintain dedicated teams to run the service

---

iOS 6.1 security flaw allows bypassing lock screen

• Through a series of key presses, anyone with physical access to your iOS device can bypass the lock screen and gain access to your contacts
• Unauthorized users could make calls from your phone, access your voicemail, view and edit your contacts, or by attempting to add/change the photo for a contact, they can browse all photos stored on your phone
• an Apple spokesperson said: “Apple takes user security very seriously. We are aware of this issue, and will deliver a fix in a future software update.”
• No word on when we can expect an update from Apple
• An Ontario court ruled today that Police officers only need a warrant to search your phone if you have a password on it

---

Mandiant, the security firm hired by the NY Times to investigate the breech of their network, releases a report called APT1

• Mandiant has written a 76 page report detailing who they believe to be behind the attack on the New York Times and over 140 other organizations, the attackers have been dubbed ‘APT1’
• “APT1 is believed to be the 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department, which is most commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398.”
• APT1 is believed to have taken hundreds of terabytes of designs, drawings, intellectual property, intelligence, and other data from victims in english speaking countries
• 97% of the 1900+ attacks attributed APT1 originated from a set of IP addresses registered in Shanghai and from computers with the Simplified Chinese character set
• They have also identified 3 unique personas that play various roles in APT1
• The appendices of the report include a list of domain names that have been used by APT1, as well as MD5 hashes of known malware samples and SSL certificates
• The data is also available as definition files for Mandiant’s free tool Redline, for detecting APT1 threats
• Video evidence of an APT1 actor
• View the report and Appendicies
• A recruitment notice for PLA Unit 61398 from 2004 found on the website of Zhejiang University Translated
• Symantec has detected one or more attackers attempting to use the Mandiant report as bait, the .PDF attached to the emails actually drops Trojan.Pidief using CVE–2013–0641, an Adobe Acrobat remote code execution exploit

---

Feedback:

• Routing between LANs
• What volume configuration is going to give the best performance in FreeNas?
• Do PFSense Users Worry about uPnP?
• Securing his home Desktop?
• SSL to Identify the clients?

Round Up:

• Angry Birds on a hacked ATM – YouTube
• Educause (manages the .edu TLD) gets hacked, announcement email looks like phishing scam – Official Announcement
• Netcraft detects spike in ‘Proxy Auto Config’ attacks, routing only your traffic to specific webmail and banking sites via a proxy to steal your passwords
• How long do SSDs last? Assuming you write to them at the full 6Gb/sec, here are the numbers
  • Solid-state revolution: in-depth on how SSDs really work
• Opera moving to WebKit, jQuery developers hope this means more fixes to the buggy webkit
• US F–22s cannot communicate with allied planes – F–22s can receive but not transmit Link16 data (communications, datalink and radar sharing) – Speculation that this is why they were never used in Libya
• Ruby documentation engine (RDoc) vulnerable to XSS exploit
• SSH bruteforce attacks start going after other ports (1022, 2222, 10022, 22222 etc)
• Google reports hijacked gmail accounts down by 99.7% since 2011
• Blackberry .tiff file vulnerability could allow attackers to compromise Blackberry Enterprise Servers, and island hop to the rest of the network

The post Attacking the Devs | TechSNAP 98 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/32147/cyber-cold-war-unfilter-38/ Wed, 20 Feb 2013 22:50:52 +0000 https://original.jupiterbroadcasting.net/?p=32147 A clandestine Chinese military unit has conducted sophisticated cyber espionage operations against hundeds of companies, we dig to the bottom of this story.

The post Cyber Cold War | Unfilter 38 first appeared on Jupiter Broadcasting.

]]>



A clandestine Chinese military unit has conducted sophisticated cyber espionage operations against dozens of American and Canadian companies, we dig to the bottom of this story and share our insights.

A 75 year old Soybean farmer is fighting Monsanto all the way to the US Supreme court, but things are not looking good for the farmer.

Then it’s our first review of the blockbuster show politicians are gearing up for, the Horse Meat Scandal Trots Along, and how the media attacked video games again this week.

Plus your feedback, and much much more on this week’s Unfilter.

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

HD Feed | Mobile Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter Supporter:

Thanks for Supporting Unfilter:

• Caspar

• Austin

• Thanks to our 27 Unfilter supporters!

• New supporter perk: Downloadable Pre and Post show. Extra clips, music, hijinks, and off the cuff comments. The ultimate Unfiltered experience.

A spot buy meant to take advantage of the big deliveries for a breaking news story like the Fukushima Daiichi nuclear power plant disaster in Japan won\’t necessarily be as comfortable a fit as a :30 that airs during a space shuttle launch or ticker-tape parade, but CNN will still sell it at a premium.

• How CNN Sells Breaking News

---

— Soybean Farmers Monsanto Lawsuit Reaches US Supreme Court —

Supreme Court justices suggest they would agree with Monsanto that its patent protection covers not just the first planting but also seeds generated later.

• Justices skeptical of farmer who planted patented Monsanto seeds
• Supreme Court sympathizes with Monsanto in seed patent case

\”Without the ability to limit reproduction of soybeans containing this patented trait,\” he said, \”Monsanto could not have commercialized its invention and never would have produced what is, by now, the most popular agricultural technology in America.\”

• Supreme Court Hears Arguments in Bowman v. Monsanto – NYTimes.com

---

— Horse Meat Labelled as Beef Scandal Trots Along —

First centered on Britain and Ireland, the scandal over beef products adulterated with horse meat escalated across Continental Europe on Tuesday after Nestlé, one of the world’s best-known food companies, said it was removing pasta meals from store shelves in Italy and Spain.

• Nestlé Removes 2 Products in Horse Meat Scandal
• The Real Scandal Behind Britain’s Horsemeat Fiasco

---

— The so Called Sequester Battle —

With just a little over a week to avert them, it appears increasingly likely the $1.2 trillion in so-called sequester cuts will go into effect.

• Boehner, WH trade blame for sequester – CBS News

Unofficially, many members of Congress are betting that a few weeks into the automatic spending cuts, Democratic and Republican leaders will get serious about negotiating a replacement to the sequestration and the $85 billion in spending cuts will not have had time to really bite.

• Sequester Cuts Will Not Cause The Sky To Fall On March 1

---

— US Businesses Under Sustained CYBER ATTACK!!oneone!! —

The report by computer security firm Mandiant Corp. in Alexandria, Va., breaks new ground by attributing attacks against 141 companies to a specific 12-story office building in the financial center of Shanghai.

• Computer security firm blames cyber spying on Chinese military

• Report: Chinese Hacking US Banks, Power Grid

• This is How China Hacks America: Inside the Mandiant Report – The Daily Beast

• Chinese Military Accused Of Widespread Cyber Attacks On U.S. Corporations And Government Agencies: Gothamist
• Fascinating video tracks a real Chinese hacker in action
• Researchers Name Three Hackers Tied To One Of China\’s Most Active Military Intrusion Teams – Forbes

Shanghai security officers chase a CNN crew attempting to record a building at the center of hacking allegations

• China security officers chase CNN crew – YouTube

• One Site May Be Responsible for Recent Hacks – Mike Isaac – Social – AllThingsD

Chinese officials have insisted in recent years that China is one of the biggest targets of cyberattacks.

\”Statistics show that Chinese military terminals connected to the Internet have been subjected to large numbers of attacks from abroad,\” the defense ministry said Wednesday, adding that Internet protocol addresses \”indicate that a considerable number of these attacks are from the United States, but we have never used this as a reason to accuse the United States.\”

\”Every country should handle the problem of cybersecurity in a professional and responsible manner,\” the ministry said.

• China Says Army Is Not Behind Attacks in Report

A look at Mandiant, allegations on China hacking – SFGate

• Headquartered in Alexandria, Va., Mandiant was started in 2004 by Kevin Mandia, a retired Air Force officer who carved out a lucrative niche investigating computer crimes.

• Mandiant was most recently noted for its work in helping The New York Times trace an attack on its employees\’ computers to China, following a Times investigation into China\’s Premier Wen Jiabao. The newspaper publicly acknowledged Mandiant\’s role in the case.

• Mandiant alleges that it has traced a massive hacking campaign on U.S. businesses to a drab, white 12-story office building outside Shanghai run by \”Unit 61398\” of the People\’s Liberation Army. The report contains some of the most extensive and detailed accusations on China\’s cybersnooping publicly available, including a timeline and details of malware used.

• Mandiant has an obvious commercial interest in releasing the information, too. The company said its existing customers were already warned about and protected against the techniques it discovered, and it offered a free software tool to companies and organizations to detect suspicious activity. It puts Mandiant front-and-center at a critical time on a national debate about cybersecurity.

• Its founder testified earlier this month to the House Intelligence Committee on hacking threats.

• Read the full report PDF

• U.S. Govt: Cyberattacks a \’Substantial\’ Concern – YouTube

---

— Adam Lanza Reportedly Used Violent Video Games to Hone Killing Skills —

A blacked-out gaming room helped Newtown, Conn., shooter Adam Lanza descend into his own world, CBS News senior correspondent John Miller, a former FBI assistant director, said on \”CBS This Morning.\”

• Sandy Hook shooter Adam Lanza blacked out game room, bedroom

\”During an ongoing criminal investigation, we do not release bits and pieces of a case, we simply don\’t do it so anyone that sees any information that indicates that it is associated with this case, and see \”sources,\” being the source of information, should be take a step back,\” said Lt. Vance.

• State Police dispute Lanza\’s \’motive\’

---

— US General Allen retires —

The American general tipped to become the next head of NATO has decided instead to retire. The decision came after a scandal linking him to inappropriate emails to a woman. General John Allen was nominated for the job after running the war in Afghanistan for 19 months.

• US General Allen retires

---

Feedback:

• The second amendment serves as a fine moral litmus test.

Call us: 1.425.312.1756

Follow the Us:

• Unfilter on Reddit
• Chris on Twitter
• Chase’s Geek and Gaming Network
• Chase on Twitter

The post Cyber Cold War | Unfilter 38 first appeared on Jupiter Broadcasting.

]]>