Comments
Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
Kelly Jackson Higgins
User Rank: Strategist
2/19/2015 | 4:24:32 PM
Re: Newly Discovered Master Cyber Espionage Group . . .
It's definitely not tough to guess who's behind it, but Kaspersky's not gonna say it out loud publicly.
kill -9
User Rank: Apprentice
2/18/2015 | 10:59:36 PM
Newly Discovered Master Cyber Espionage Group . . .
If one has been following the APT drama over the past several years and if one has read what Kaspersky has made available on the interwebs, it's all but impossible to ignore the trail of breadcrumbs that lead to 39°6′32″N 76°46′17″W. Even eWeek sussed it out . . .
BertrandW414
User Rank: Strategist
2/17/2015 | 5:09:13 PM
Equation Group's Apparent Allegiance
Given that this Equation group is astonishingly effective, aren't you a bit relieved that they are most likely run by an agency in the U.S. government and not run by China or Russia?! To borrow from something LBJ once said about J. Edgar Hoover (and to clean it up a bit), it is better that they are in the tent shooting out, rather than outside shooting in.
anon2023887558
User Rank: Apprentice
2/17/2015 | 11:53:15 AM
Re: Not that hard after all.
Yup, I remember debugging the old WD controller cards manually and it wouldn't take years to master anything about it, especially if you had the source code and didn't have to decompile anything.

Noobs, Sheesh!
SgS125
User Rank: Ninja
2/17/2015 | 11:14:00 AM
Not that hard after all.
"This is what makes this group gods among APT actors. We have never seen anything close to this," Kamluk says. Knowing how to reprogram a hard drive would entail gathering intelligence from each vendor, which is no simple feat, he says. "Then it would take a very skilled programmer many months or years to master this."

Please..... Anyone who has programmed back in the 80's knows this is not true.

We used to have to write routines direct for hardware.

It's not that hard.
GonzSTL
User Rank: Ninja
2/17/2015 | 11:12:32 AM
Re: Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
Sure thing. It's quite remarkable to be linked from (ISC)², an industry and world renowned institution for IT Security.
Marilyn Cohodas
User Rank: Strategist
2/17/2015 | 11:09:01 AM
Re: Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
I don't think I picked up on that. So many thanks for sharing!
GonzSTL
User Rank: Ninja
2/17/2015 | 11:05:49 AM
Re: Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
@Marilyn: I'm sure you are aware of this, but for the benefit of the readers, (ISC)² has a link to that series, and other Dark Reading articles in their "Latest Industry News" section.
Marilyn Cohodas
User Rank: Strategist
2/17/2015 | 10:32:25 AM
Re: Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
Your comments are always worth reading, @Gonz. Glad you are enjoying the series. It does add a lot of context to the headlines...
GonzSTL
User Rank: Ninja
2/17/2015 | 10:29:36 AM
Re: Newly Discovered 'Master' Cyber Espionage Group Trumps Stuxnet
@Marilyn: Yes they have, and it really isn't a surprise! I have been following that series. They are quite interesting and thought provoking, and I've even commented a few times, for whatever that's worth.