Attacks/Breaches
6/24/2014
11:05 AM
Sara Peters
Sara Peters
Commentary
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Dark Reading Radio: RAT Exterminators

Join us Wednesday, June 25, at 1:00 p.m. ET for a conversation with Adam Meyers, director of intelligence for CrowdStrike.

The US Department of Justice on June 2 announced Operation Tovar, a global collaborative effort to disrupt the GameoverZeuS botnet -- responsible for hundreds of millions of dollars in bank theft and fraud. Perhaps more importantly, the operation took aim at the very underpinnings of the cybercrime industry -- the infrastructure criminals use to communicate and manage their ill-gotten gains.

Operation Tovar's plan of attack: Redirect the traffic from the bots so they can't report back to C&C servers, obtain the IP addresses of the infected machines, and share those addresses to help national CERTs and private industry assist victims in removing the GOZeuS malware from their computers.

Authorities said they could disrupt GOZeuS for about two weeks... and that time has now passed.

So... how's it going? In tomorrow's episode of Dark Reading Radio, find out how successful Operation Tovar has been thus far, how cyber criminals have responded, and what happens next.

Join us Wednesday, June 25, at 1:00 p.m. ET for a conversation with Adam Meyers, director of intelligence for CrowdStrike, one of the security companies that played a key part of Operation Tovar. Register now.

Have any questions for Adam you want me to ask? Let me know in the comments below or bring them along with you to the live chat during the radio show, when you can ask him yourself.

Sara Peters is contributing editor to Dark Reading and editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
6/27/2014 | 6:14:21 PM
Re: Fascinating topic
Thanks! I will be sure to give this a listen later.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/27/2014 | 7:52:52 AM
Re: Fascinating topic
Sorry you missed the show, Ryan. But you can revisit any of our Dark Reading radio broadcasts in our show archives and here's the link to the broadcast with Adam Meyers, director of intelligence for CrowdStrike. (It was a good one!)
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
6/26/2014 | 10:22:19 PM
Re: Fascinating topic
Was this stored somewhere so I can listen to it now? I have always been a huge advocate of Crowdstrike and some of the amazing products they have. I am really interested in hearing this radio cast in particular. Thanks!
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/24/2014 | 3:45:30 PM
Fascinating topic
Sounds like another great show Sara with a great guest. I'm looking forward to hearing the inside scoop from about Operation Tovar from CrowdStrike's Adam Meyers. 
More Blogs from Commentary
Infographic: With BYOD, Mobile Is The New Desktop
Security teams have no choice but to embrace the rapid proliferation of BYO devices, apps, and cloud services. To ignore it is to put your head in the sand.
Internet of Things: Security For A World Of Ubiquitous Computing
Endpoint security is hardly dead, and claiming that it is oversimplifies the challenges corporations face now and in the not-very-distant future.
CEO Report Card: Low Grades for Risk Management
Dark Reading's latest community poll shows a stunning lack of confidence in chief execs' commitment to cyber security.
A New Age in Cyber Security: Public Cyberhealth
The cleanup aimed at disrupting GameOver Zeus and CryptoLocker offers an instructive template for managing mass cyber infections.
Passwords & The Future Of Identity: Payment Networks?
The solution to the omnipresent and enduring password problem may be closer than you think.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7392
Published: 2014-07-22
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.

CVE-2014-2385
Published: 2014-07-22
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeFileOnExpression, (2) newListList:ExcludeFilesystems, or (3) newListList:ExcludeMountPaths parameter t...

CVE-2014-4326
Published: 2014-07-22
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.

CVE-2014-4511
Published: 2014-07-22
Gitlist before 0.5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name in the URI of a request for a (1) blame, (2) file, or (3) stats page, as demonstrated by requests to blame/master/, master/, and stats/master/.

CVE-2014-4911
Published: 2014-07-22
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Where do information security startups come from? More important, how can I tell a good one from a flash in the pan? Learn how to separate ITSec wheat from chaff in this episode.